xref: /linux/drivers/scsi/mpt3sas/mpt3sas_ctl.c (revision ca55b2fef3a9373fcfc30f82fd26bc7fccbda732)
1 /*
2  * Management Module Support for MPT (Message Passing Technology) based
3  * controllers
4  *
5  * This code is based on drivers/scsi/mpt3sas/mpt3sas_ctl.c
6  * Copyright (C) 2012-2014  LSI Corporation
7  * Copyright (C) 2013-2014 Avago Technologies
8  *  (mailto: MPT-FusionLinux.pdl@avagotech.com)
9  *
10  * This program is free software; you can redistribute it and/or
11  * modify it under the terms of the GNU General Public License
12  * as published by the Free Software Foundation; either version 2
13  * of the License, or (at your option) any later version.
14  *
15  * This program is distributed in the hope that it will be useful,
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18  * GNU General Public License for more details.
19  *
20  * NO WARRANTY
21  * THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR
22  * CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT
23  * LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT,
24  * MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is
25  * solely responsible for determining the appropriateness of using and
26  * distributing the Program and assumes all risks associated with its
27  * exercise of rights under this Agreement, including but not limited to
28  * the risks and costs of program errors, damage to or loss of data,
29  * programs or equipment, and unavailability or interruption of operations.
30 
31  * DISCLAIMER OF LIABILITY
32  * NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY
33  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
34  * DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND
35  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
36  * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
37  * USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED
38  * HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES
39 
40  * You should have received a copy of the GNU General Public License
41  * along with this program; if not, write to the Free Software
42  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301,
43  * USA.
44  */
45 
46 #include <linux/kernel.h>
47 #include <linux/module.h>
48 #include <linux/errno.h>
49 #include <linux/init.h>
50 #include <linux/slab.h>
51 #include <linux/types.h>
52 #include <linux/pci.h>
53 #include <linux/delay.h>
54 #include <linux/compat.h>
55 #include <linux/poll.h>
56 
57 #include <linux/io.h>
58 #include <linux/uaccess.h>
59 
60 #include "mpt3sas_base.h"
61 #include "mpt3sas_ctl.h"
62 
63 
64 static struct fasync_struct *async_queue;
65 static DECLARE_WAIT_QUEUE_HEAD(ctl_poll_wait);
66 
67 
68 /**
69  * enum block_state - blocking state
70  * @NON_BLOCKING: non blocking
71  * @BLOCKING: blocking
72  *
73  * These states are for ioctls that need to wait for a response
74  * from firmware, so they probably require sleep.
75  */
76 enum block_state {
77 	NON_BLOCKING,
78 	BLOCKING,
79 };
80 
81 #ifdef CONFIG_SCSI_MPT3SAS_LOGGING
82 /**
83  * _ctl_sas_device_find_by_handle - sas device search
84  * @ioc: per adapter object
85  * @handle: sas device handle (assigned by firmware)
86  * Context: Calling function should acquire ioc->sas_device_lock
87  *
88  * This searches for sas_device based on sas_address, then return sas_device
89  * object.
90  */
91 static struct _sas_device *
92 _ctl_sas_device_find_by_handle(struct MPT3SAS_ADAPTER *ioc, u16 handle)
93 {
94 	struct _sas_device *sas_device, *r;
95 
96 	r = NULL;
97 	list_for_each_entry(sas_device, &ioc->sas_device_list, list) {
98 		if (sas_device->handle != handle)
99 			continue;
100 		r = sas_device;
101 		goto out;
102 	}
103 
104  out:
105 	return r;
106 }
107 
108 /**
109  * _ctl_display_some_debug - debug routine
110  * @ioc: per adapter object
111  * @smid: system request message index
112  * @calling_function_name: string pass from calling function
113  * @mpi_reply: reply message frame
114  * Context: none.
115  *
116  * Function for displaying debug info helpful when debugging issues
117  * in this module.
118  */
119 static void
120 _ctl_display_some_debug(struct MPT3SAS_ADAPTER *ioc, u16 smid,
121 	char *calling_function_name, MPI2DefaultReply_t *mpi_reply)
122 {
123 	Mpi2ConfigRequest_t *mpi_request;
124 	char *desc = NULL;
125 
126 	if (!(ioc->logging_level & MPT_DEBUG_IOCTL))
127 		return;
128 
129 	mpi_request = mpt3sas_base_get_msg_frame(ioc, smid);
130 	switch (mpi_request->Function) {
131 	case MPI2_FUNCTION_SCSI_IO_REQUEST:
132 	{
133 		Mpi2SCSIIORequest_t *scsi_request =
134 		    (Mpi2SCSIIORequest_t *)mpi_request;
135 
136 		snprintf(ioc->tmp_string, MPT_STRING_LENGTH,
137 		    "scsi_io, cmd(0x%02x), cdb_len(%d)",
138 		    scsi_request->CDB.CDB32[0],
139 		    le16_to_cpu(scsi_request->IoFlags) & 0xF);
140 		desc = ioc->tmp_string;
141 		break;
142 	}
143 	case MPI2_FUNCTION_SCSI_TASK_MGMT:
144 		desc = "task_mgmt";
145 		break;
146 	case MPI2_FUNCTION_IOC_INIT:
147 		desc = "ioc_init";
148 		break;
149 	case MPI2_FUNCTION_IOC_FACTS:
150 		desc = "ioc_facts";
151 		break;
152 	case MPI2_FUNCTION_CONFIG:
153 	{
154 		Mpi2ConfigRequest_t *config_request =
155 		    (Mpi2ConfigRequest_t *)mpi_request;
156 
157 		snprintf(ioc->tmp_string, MPT_STRING_LENGTH,
158 		    "config, type(0x%02x), ext_type(0x%02x), number(%d)",
159 		    (config_request->Header.PageType &
160 		     MPI2_CONFIG_PAGETYPE_MASK), config_request->ExtPageType,
161 		    config_request->Header.PageNumber);
162 		desc = ioc->tmp_string;
163 		break;
164 	}
165 	case MPI2_FUNCTION_PORT_FACTS:
166 		desc = "port_facts";
167 		break;
168 	case MPI2_FUNCTION_PORT_ENABLE:
169 		desc = "port_enable";
170 		break;
171 	case MPI2_FUNCTION_EVENT_NOTIFICATION:
172 		desc = "event_notification";
173 		break;
174 	case MPI2_FUNCTION_FW_DOWNLOAD:
175 		desc = "fw_download";
176 		break;
177 	case MPI2_FUNCTION_FW_UPLOAD:
178 		desc = "fw_upload";
179 		break;
180 	case MPI2_FUNCTION_RAID_ACTION:
181 		desc = "raid_action";
182 		break;
183 	case MPI2_FUNCTION_RAID_SCSI_IO_PASSTHROUGH:
184 	{
185 		Mpi2SCSIIORequest_t *scsi_request =
186 		    (Mpi2SCSIIORequest_t *)mpi_request;
187 
188 		snprintf(ioc->tmp_string, MPT_STRING_LENGTH,
189 		    "raid_pass, cmd(0x%02x), cdb_len(%d)",
190 		    scsi_request->CDB.CDB32[0],
191 		    le16_to_cpu(scsi_request->IoFlags) & 0xF);
192 		desc = ioc->tmp_string;
193 		break;
194 	}
195 	case MPI2_FUNCTION_SAS_IO_UNIT_CONTROL:
196 		desc = "sas_iounit_cntl";
197 		break;
198 	case MPI2_FUNCTION_SATA_PASSTHROUGH:
199 		desc = "sata_pass";
200 		break;
201 	case MPI2_FUNCTION_DIAG_BUFFER_POST:
202 		desc = "diag_buffer_post";
203 		break;
204 	case MPI2_FUNCTION_DIAG_RELEASE:
205 		desc = "diag_release";
206 		break;
207 	case MPI2_FUNCTION_SMP_PASSTHROUGH:
208 		desc = "smp_passthrough";
209 		break;
210 	}
211 
212 	if (!desc)
213 		return;
214 
215 	pr_info(MPT3SAS_FMT "%s: %s, smid(%d)\n",
216 	    ioc->name, calling_function_name, desc, smid);
217 
218 	if (!mpi_reply)
219 		return;
220 
221 	if (mpi_reply->IOCStatus || mpi_reply->IOCLogInfo)
222 		pr_info(MPT3SAS_FMT
223 		    "\tiocstatus(0x%04x), loginfo(0x%08x)\n",
224 		    ioc->name, le16_to_cpu(mpi_reply->IOCStatus),
225 		    le32_to_cpu(mpi_reply->IOCLogInfo));
226 
227 	if (mpi_request->Function == MPI2_FUNCTION_SCSI_IO_REQUEST ||
228 	    mpi_request->Function ==
229 	    MPI2_FUNCTION_RAID_SCSI_IO_PASSTHROUGH) {
230 		Mpi2SCSIIOReply_t *scsi_reply =
231 		    (Mpi2SCSIIOReply_t *)mpi_reply;
232 		struct _sas_device *sas_device = NULL;
233 		unsigned long flags;
234 
235 		spin_lock_irqsave(&ioc->sas_device_lock, flags);
236 		sas_device = _ctl_sas_device_find_by_handle(ioc,
237 		    le16_to_cpu(scsi_reply->DevHandle));
238 		if (sas_device) {
239 			pr_warn(MPT3SAS_FMT "\tsas_address(0x%016llx), phy(%d)\n",
240 				ioc->name, (unsigned long long)
241 			    sas_device->sas_address, sas_device->phy);
242 			pr_warn(MPT3SAS_FMT
243 			    "\tenclosure_logical_id(0x%016llx), slot(%d)\n",
244 			    ioc->name, (unsigned long long)
245 			    sas_device->enclosure_logical_id, sas_device->slot);
246 		}
247 		spin_unlock_irqrestore(&ioc->sas_device_lock, flags);
248 		if (scsi_reply->SCSIState || scsi_reply->SCSIStatus)
249 			pr_info(MPT3SAS_FMT
250 			    "\tscsi_state(0x%02x), scsi_status"
251 			    "(0x%02x)\n", ioc->name,
252 			    scsi_reply->SCSIState,
253 			    scsi_reply->SCSIStatus);
254 	}
255 }
256 
257 #endif
258 
259 /**
260  * mpt3sas_ctl_done - ctl module completion routine
261  * @ioc: per adapter object
262  * @smid: system request message index
263  * @msix_index: MSIX table index supplied by the OS
264  * @reply: reply message frame(lower 32bit addr)
265  * Context: none.
266  *
267  * The callback handler when using ioc->ctl_cb_idx.
268  *
269  * Return 1 meaning mf should be freed from _base_interrupt
270  *        0 means the mf is freed from this function.
271  */
272 u8
273 mpt3sas_ctl_done(struct MPT3SAS_ADAPTER *ioc, u16 smid, u8 msix_index,
274 	u32 reply)
275 {
276 	MPI2DefaultReply_t *mpi_reply;
277 	Mpi2SCSIIOReply_t *scsiio_reply;
278 	const void *sense_data;
279 	u32 sz;
280 
281 	if (ioc->ctl_cmds.status == MPT3_CMD_NOT_USED)
282 		return 1;
283 	if (ioc->ctl_cmds.smid != smid)
284 		return 1;
285 	ioc->ctl_cmds.status |= MPT3_CMD_COMPLETE;
286 	mpi_reply = mpt3sas_base_get_reply_virt_addr(ioc, reply);
287 	if (mpi_reply) {
288 		memcpy(ioc->ctl_cmds.reply, mpi_reply, mpi_reply->MsgLength*4);
289 		ioc->ctl_cmds.status |= MPT3_CMD_REPLY_VALID;
290 		/* get sense data */
291 		if (mpi_reply->Function == MPI2_FUNCTION_SCSI_IO_REQUEST ||
292 		    mpi_reply->Function ==
293 		    MPI2_FUNCTION_RAID_SCSI_IO_PASSTHROUGH) {
294 			scsiio_reply = (Mpi2SCSIIOReply_t *)mpi_reply;
295 			if (scsiio_reply->SCSIState &
296 			    MPI2_SCSI_STATE_AUTOSENSE_VALID) {
297 				sz = min_t(u32, SCSI_SENSE_BUFFERSIZE,
298 				    le32_to_cpu(scsiio_reply->SenseCount));
299 				sense_data = mpt3sas_base_get_sense_buffer(ioc,
300 				    smid);
301 				memcpy(ioc->ctl_cmds.sense, sense_data, sz);
302 			}
303 		}
304 	}
305 #ifdef CONFIG_SCSI_MPT3SAS_LOGGING
306 	_ctl_display_some_debug(ioc, smid, "ctl_done", mpi_reply);
307 #endif
308 	ioc->ctl_cmds.status &= ~MPT3_CMD_PENDING;
309 	complete(&ioc->ctl_cmds.done);
310 	return 1;
311 }
312 
313 /**
314  * _ctl_check_event_type - determines when an event needs logging
315  * @ioc: per adapter object
316  * @event: firmware event
317  *
318  * The bitmask in ioc->event_type[] indicates which events should be
319  * be saved in the driver event_log.  This bitmask is set by application.
320  *
321  * Returns 1 when event should be captured, or zero means no match.
322  */
323 static int
324 _ctl_check_event_type(struct MPT3SAS_ADAPTER *ioc, u16 event)
325 {
326 	u16 i;
327 	u32 desired_event;
328 
329 	if (event >= 128 || !event || !ioc->event_log)
330 		return 0;
331 
332 	desired_event = (1 << (event % 32));
333 	if (!desired_event)
334 		desired_event = 1;
335 	i = event / 32;
336 	return desired_event & ioc->event_type[i];
337 }
338 
339 /**
340  * mpt3sas_ctl_add_to_event_log - add event
341  * @ioc: per adapter object
342  * @mpi_reply: reply message frame
343  *
344  * Return nothing.
345  */
346 void
347 mpt3sas_ctl_add_to_event_log(struct MPT3SAS_ADAPTER *ioc,
348 	Mpi2EventNotificationReply_t *mpi_reply)
349 {
350 	struct MPT3_IOCTL_EVENTS *event_log;
351 	u16 event;
352 	int i;
353 	u32 sz, event_data_sz;
354 	u8 send_aen = 0;
355 
356 	if (!ioc->event_log)
357 		return;
358 
359 	event = le16_to_cpu(mpi_reply->Event);
360 
361 	if (_ctl_check_event_type(ioc, event)) {
362 
363 		/* insert entry into circular event_log */
364 		i = ioc->event_context % MPT3SAS_CTL_EVENT_LOG_SIZE;
365 		event_log = ioc->event_log;
366 		event_log[i].event = event;
367 		event_log[i].context = ioc->event_context++;
368 
369 		event_data_sz = le16_to_cpu(mpi_reply->EventDataLength)*4;
370 		sz = min_t(u32, event_data_sz, MPT3_EVENT_DATA_SIZE);
371 		memset(event_log[i].data, 0, MPT3_EVENT_DATA_SIZE);
372 		memcpy(event_log[i].data, mpi_reply->EventData, sz);
373 		send_aen = 1;
374 	}
375 
376 	/* This aen_event_read_flag flag is set until the
377 	 * application has read the event log.
378 	 * For MPI2_EVENT_LOG_ENTRY_ADDED, we always notify.
379 	 */
380 	if (event == MPI2_EVENT_LOG_ENTRY_ADDED ||
381 	    (send_aen && !ioc->aen_event_read_flag)) {
382 		ioc->aen_event_read_flag = 1;
383 		wake_up_interruptible(&ctl_poll_wait);
384 		if (async_queue)
385 			kill_fasync(&async_queue, SIGIO, POLL_IN);
386 	}
387 }
388 
389 /**
390  * mpt3sas_ctl_event_callback - firmware event handler (called at ISR time)
391  * @ioc: per adapter object
392  * @msix_index: MSIX table index supplied by the OS
393  * @reply: reply message frame(lower 32bit addr)
394  * Context: interrupt.
395  *
396  * This function merely adds a new work task into ioc->firmware_event_thread.
397  * The tasks are worked from _firmware_event_work in user context.
398  *
399  * Return 1 meaning mf should be freed from _base_interrupt
400  *        0 means the mf is freed from this function.
401  */
402 u8
403 mpt3sas_ctl_event_callback(struct MPT3SAS_ADAPTER *ioc, u8 msix_index,
404 	u32 reply)
405 {
406 	Mpi2EventNotificationReply_t *mpi_reply;
407 
408 	mpi_reply = mpt3sas_base_get_reply_virt_addr(ioc, reply);
409 	mpt3sas_ctl_add_to_event_log(ioc, mpi_reply);
410 	return 1;
411 }
412 
413 /**
414  * _ctl_verify_adapter - validates ioc_number passed from application
415  * @ioc: per adapter object
416  * @iocpp: The ioc pointer is returned in this.
417  *
418  * Return (-1) means error, else ioc_number.
419  */
420 static int
421 _ctl_verify_adapter(int ioc_number, struct MPT3SAS_ADAPTER **iocpp)
422 {
423 	struct MPT3SAS_ADAPTER *ioc;
424 
425 	list_for_each_entry(ioc, &mpt3sas_ioc_list, list) {
426 		if (ioc->id != ioc_number)
427 			continue;
428 		*iocpp = ioc;
429 		return ioc_number;
430 	}
431 	*iocpp = NULL;
432 	return -1;
433 }
434 
435 /**
436  * mpt3sas_ctl_reset_handler - reset callback handler (for ctl)
437  * @ioc: per adapter object
438  * @reset_phase: phase
439  *
440  * The handler for doing any required cleanup or initialization.
441  *
442  * The reset phase can be MPT3_IOC_PRE_RESET, MPT3_IOC_AFTER_RESET,
443  * MPT3_IOC_DONE_RESET
444  */
445 void
446 mpt3sas_ctl_reset_handler(struct MPT3SAS_ADAPTER *ioc, int reset_phase)
447 {
448 	int i;
449 	u8 issue_reset;
450 
451 	switch (reset_phase) {
452 	case MPT3_IOC_PRE_RESET:
453 		dtmprintk(ioc, pr_info(MPT3SAS_FMT
454 			"%s: MPT3_IOC_PRE_RESET\n", ioc->name, __func__));
455 		for (i = 0; i < MPI2_DIAG_BUF_TYPE_COUNT; i++) {
456 			if (!(ioc->diag_buffer_status[i] &
457 			    MPT3_DIAG_BUFFER_IS_REGISTERED))
458 				continue;
459 			if ((ioc->diag_buffer_status[i] &
460 			    MPT3_DIAG_BUFFER_IS_RELEASED))
461 				continue;
462 			mpt3sas_send_diag_release(ioc, i, &issue_reset);
463 		}
464 		break;
465 	case MPT3_IOC_AFTER_RESET:
466 		dtmprintk(ioc, pr_info(MPT3SAS_FMT
467 			"%s: MPT3_IOC_AFTER_RESET\n", ioc->name, __func__));
468 		if (ioc->ctl_cmds.status & MPT3_CMD_PENDING) {
469 			ioc->ctl_cmds.status |= MPT3_CMD_RESET;
470 			mpt3sas_base_free_smid(ioc, ioc->ctl_cmds.smid);
471 			complete(&ioc->ctl_cmds.done);
472 		}
473 		break;
474 	case MPT3_IOC_DONE_RESET:
475 		dtmprintk(ioc, pr_info(MPT3SAS_FMT
476 			"%s: MPT3_IOC_DONE_RESET\n", ioc->name, __func__));
477 
478 		for (i = 0; i < MPI2_DIAG_BUF_TYPE_COUNT; i++) {
479 			if (!(ioc->diag_buffer_status[i] &
480 			    MPT3_DIAG_BUFFER_IS_REGISTERED))
481 				continue;
482 			if ((ioc->diag_buffer_status[i] &
483 			    MPT3_DIAG_BUFFER_IS_RELEASED))
484 				continue;
485 			ioc->diag_buffer_status[i] |=
486 			    MPT3_DIAG_BUFFER_IS_DIAG_RESET;
487 		}
488 		break;
489 	}
490 }
491 
492 /**
493  * _ctl_fasync -
494  * @fd -
495  * @filep -
496  * @mode -
497  *
498  * Called when application request fasyn callback handler.
499  */
500 static int
501 _ctl_fasync(int fd, struct file *filep, int mode)
502 {
503 	return fasync_helper(fd, filep, mode, &async_queue);
504 }
505 
506 /**
507  * _ctl_poll -
508  * @file -
509  * @wait -
510  *
511  */
512 static unsigned int
513 _ctl_poll(struct file *filep, poll_table *wait)
514 {
515 	struct MPT3SAS_ADAPTER *ioc;
516 
517 	poll_wait(filep, &ctl_poll_wait, wait);
518 
519 	list_for_each_entry(ioc, &mpt3sas_ioc_list, list) {
520 		if (ioc->aen_event_read_flag)
521 			return POLLIN | POLLRDNORM;
522 	}
523 	return 0;
524 }
525 
526 /**
527  * _ctl_set_task_mid - assign an active smid to tm request
528  * @ioc: per adapter object
529  * @karg - (struct mpt3_ioctl_command)
530  * @tm_request - pointer to mf from user space
531  *
532  * Returns 0 when an smid if found, else fail.
533  * during failure, the reply frame is filled.
534  */
535 static int
536 _ctl_set_task_mid(struct MPT3SAS_ADAPTER *ioc, struct mpt3_ioctl_command *karg,
537 	Mpi2SCSITaskManagementRequest_t *tm_request)
538 {
539 	u8 found = 0;
540 	u16 i;
541 	u16 handle;
542 	struct scsi_cmnd *scmd;
543 	struct MPT3SAS_DEVICE *priv_data;
544 	unsigned long flags;
545 	Mpi2SCSITaskManagementReply_t *tm_reply;
546 	u32 sz;
547 	u32 lun;
548 	char *desc = NULL;
549 
550 	if (tm_request->TaskType == MPI2_SCSITASKMGMT_TASKTYPE_ABORT_TASK)
551 		desc = "abort_task";
552 	else if (tm_request->TaskType == MPI2_SCSITASKMGMT_TASKTYPE_QUERY_TASK)
553 		desc = "query_task";
554 	else
555 		return 0;
556 
557 	lun = scsilun_to_int((struct scsi_lun *)tm_request->LUN);
558 
559 	handle = le16_to_cpu(tm_request->DevHandle);
560 	spin_lock_irqsave(&ioc->scsi_lookup_lock, flags);
561 	for (i = ioc->scsiio_depth; i && !found; i--) {
562 		scmd = ioc->scsi_lookup[i - 1].scmd;
563 		if (scmd == NULL || scmd->device == NULL ||
564 		    scmd->device->hostdata == NULL)
565 			continue;
566 		if (lun != scmd->device->lun)
567 			continue;
568 		priv_data = scmd->device->hostdata;
569 		if (priv_data->sas_target == NULL)
570 			continue;
571 		if (priv_data->sas_target->handle != handle)
572 			continue;
573 		tm_request->TaskMID = cpu_to_le16(ioc->scsi_lookup[i - 1].smid);
574 		found = 1;
575 	}
576 	spin_unlock_irqrestore(&ioc->scsi_lookup_lock, flags);
577 
578 	if (!found) {
579 		dctlprintk(ioc, pr_info(MPT3SAS_FMT
580 			"%s: handle(0x%04x), lun(%d), no active mid!!\n",
581 			ioc->name,
582 		    desc, le16_to_cpu(tm_request->DevHandle), lun));
583 		tm_reply = ioc->ctl_cmds.reply;
584 		tm_reply->DevHandle = tm_request->DevHandle;
585 		tm_reply->Function = MPI2_FUNCTION_SCSI_TASK_MGMT;
586 		tm_reply->TaskType = tm_request->TaskType;
587 		tm_reply->MsgLength = sizeof(Mpi2SCSITaskManagementReply_t)/4;
588 		tm_reply->VP_ID = tm_request->VP_ID;
589 		tm_reply->VF_ID = tm_request->VF_ID;
590 		sz = min_t(u32, karg->max_reply_bytes, ioc->reply_sz);
591 		if (copy_to_user(karg->reply_frame_buf_ptr, ioc->ctl_cmds.reply,
592 		    sz))
593 			pr_err("failure at %s:%d/%s()!\n", __FILE__,
594 			    __LINE__, __func__);
595 		return 1;
596 	}
597 
598 	dctlprintk(ioc, pr_info(MPT3SAS_FMT
599 		"%s: handle(0x%04x), lun(%d), task_mid(%d)\n", ioc->name,
600 	    desc, le16_to_cpu(tm_request->DevHandle), lun,
601 	     le16_to_cpu(tm_request->TaskMID)));
602 	return 0;
603 }
604 
605 /**
606  * _ctl_do_mpt_command - main handler for MPT3COMMAND opcode
607  * @ioc: per adapter object
608  * @karg - (struct mpt3_ioctl_command)
609  * @mf - pointer to mf in user space
610  */
611 static long
612 _ctl_do_mpt_command(struct MPT3SAS_ADAPTER *ioc, struct mpt3_ioctl_command karg,
613 	void __user *mf)
614 {
615 	MPI2RequestHeader_t *mpi_request = NULL, *request;
616 	MPI2DefaultReply_t *mpi_reply;
617 	u32 ioc_state;
618 	u16 ioc_status;
619 	u16 smid;
620 	unsigned long timeout, timeleft;
621 	u8 issue_reset;
622 	u32 sz;
623 	void *psge;
624 	void *data_out = NULL;
625 	dma_addr_t data_out_dma = 0;
626 	size_t data_out_sz = 0;
627 	void *data_in = NULL;
628 	dma_addr_t data_in_dma = 0;
629 	size_t data_in_sz = 0;
630 	long ret;
631 	u16 wait_state_count;
632 
633 	issue_reset = 0;
634 
635 	if (ioc->ctl_cmds.status != MPT3_CMD_NOT_USED) {
636 		pr_err(MPT3SAS_FMT "%s: ctl_cmd in use\n",
637 		    ioc->name, __func__);
638 		ret = -EAGAIN;
639 		goto out;
640 	}
641 
642 	wait_state_count = 0;
643 	ioc_state = mpt3sas_base_get_iocstate(ioc, 1);
644 	while (ioc_state != MPI2_IOC_STATE_OPERATIONAL) {
645 		if (wait_state_count++ == 10) {
646 			pr_err(MPT3SAS_FMT
647 			    "%s: failed due to ioc not operational\n",
648 			    ioc->name, __func__);
649 			ret = -EFAULT;
650 			goto out;
651 		}
652 		ssleep(1);
653 		ioc_state = mpt3sas_base_get_iocstate(ioc, 1);
654 		pr_info(MPT3SAS_FMT
655 			"%s: waiting for operational state(count=%d)\n",
656 			ioc->name,
657 		    __func__, wait_state_count);
658 	}
659 	if (wait_state_count)
660 		pr_info(MPT3SAS_FMT "%s: ioc is operational\n",
661 		    ioc->name, __func__);
662 
663 	mpi_request = kzalloc(ioc->request_sz, GFP_KERNEL);
664 	if (!mpi_request) {
665 		pr_err(MPT3SAS_FMT
666 			"%s: failed obtaining a memory for mpi_request\n",
667 			ioc->name, __func__);
668 		ret = -ENOMEM;
669 		goto out;
670 	}
671 
672 	/* Check for overflow and wraparound */
673 	if (karg.data_sge_offset * 4 > ioc->request_sz ||
674 	    karg.data_sge_offset > (UINT_MAX / 4)) {
675 		ret = -EINVAL;
676 		goto out;
677 	}
678 
679 	/* copy in request message frame from user */
680 	if (copy_from_user(mpi_request, mf, karg.data_sge_offset*4)) {
681 		pr_err("failure at %s:%d/%s()!\n", __FILE__, __LINE__,
682 		    __func__);
683 		ret = -EFAULT;
684 		goto out;
685 	}
686 
687 	if (mpi_request->Function == MPI2_FUNCTION_SCSI_TASK_MGMT) {
688 		smid = mpt3sas_base_get_smid_hpr(ioc, ioc->ctl_cb_idx);
689 		if (!smid) {
690 			pr_err(MPT3SAS_FMT "%s: failed obtaining a smid\n",
691 			    ioc->name, __func__);
692 			ret = -EAGAIN;
693 			goto out;
694 		}
695 	} else {
696 
697 		smid = mpt3sas_base_get_smid_scsiio(ioc, ioc->ctl_cb_idx, NULL);
698 		if (!smid) {
699 			pr_err(MPT3SAS_FMT "%s: failed obtaining a smid\n",
700 			    ioc->name, __func__);
701 			ret = -EAGAIN;
702 			goto out;
703 		}
704 	}
705 
706 	ret = 0;
707 	ioc->ctl_cmds.status = MPT3_CMD_PENDING;
708 	memset(ioc->ctl_cmds.reply, 0, ioc->reply_sz);
709 	request = mpt3sas_base_get_msg_frame(ioc, smid);
710 	memcpy(request, mpi_request, karg.data_sge_offset*4);
711 	ioc->ctl_cmds.smid = smid;
712 	data_out_sz = karg.data_out_size;
713 	data_in_sz = karg.data_in_size;
714 
715 	if (mpi_request->Function == MPI2_FUNCTION_SCSI_IO_REQUEST ||
716 	    mpi_request->Function == MPI2_FUNCTION_RAID_SCSI_IO_PASSTHROUGH) {
717 		if (!le16_to_cpu(mpi_request->FunctionDependent1) ||
718 		    le16_to_cpu(mpi_request->FunctionDependent1) >
719 		    ioc->facts.MaxDevHandle) {
720 			ret = -EINVAL;
721 			mpt3sas_base_free_smid(ioc, smid);
722 			goto out;
723 		}
724 	}
725 
726 	/* obtain dma-able memory for data transfer */
727 	if (data_out_sz) /* WRITE */ {
728 		data_out = pci_alloc_consistent(ioc->pdev, data_out_sz,
729 		    &data_out_dma);
730 		if (!data_out) {
731 			pr_err("failure at %s:%d/%s()!\n", __FILE__,
732 			    __LINE__, __func__);
733 			ret = -ENOMEM;
734 			mpt3sas_base_free_smid(ioc, smid);
735 			goto out;
736 		}
737 		if (copy_from_user(data_out, karg.data_out_buf_ptr,
738 			data_out_sz)) {
739 			pr_err("failure at %s:%d/%s()!\n", __FILE__,
740 			    __LINE__, __func__);
741 			ret =  -EFAULT;
742 			mpt3sas_base_free_smid(ioc, smid);
743 			goto out;
744 		}
745 	}
746 
747 	if (data_in_sz) /* READ */ {
748 		data_in = pci_alloc_consistent(ioc->pdev, data_in_sz,
749 		    &data_in_dma);
750 		if (!data_in) {
751 			pr_err("failure at %s:%d/%s()!\n", __FILE__,
752 			    __LINE__, __func__);
753 			ret = -ENOMEM;
754 			mpt3sas_base_free_smid(ioc, smid);
755 			goto out;
756 		}
757 	}
758 
759 	psge = (void *)request + (karg.data_sge_offset*4);
760 
761 	/* send command to firmware */
762 #ifdef CONFIG_SCSI_MPT3SAS_LOGGING
763 	_ctl_display_some_debug(ioc, smid, "ctl_request", NULL);
764 #endif
765 
766 	init_completion(&ioc->ctl_cmds.done);
767 	switch (mpi_request->Function) {
768 	case MPI2_FUNCTION_SCSI_IO_REQUEST:
769 	case MPI2_FUNCTION_RAID_SCSI_IO_PASSTHROUGH:
770 	{
771 		Mpi2SCSIIORequest_t *scsiio_request =
772 		    (Mpi2SCSIIORequest_t *)request;
773 		scsiio_request->SenseBufferLength = SCSI_SENSE_BUFFERSIZE;
774 		scsiio_request->SenseBufferLowAddress =
775 		    mpt3sas_base_get_sense_buffer_dma(ioc, smid);
776 		memset(ioc->ctl_cmds.sense, 0, SCSI_SENSE_BUFFERSIZE);
777 		ioc->build_sg(ioc, psge, data_out_dma, data_out_sz,
778 		    data_in_dma, data_in_sz);
779 
780 		if (mpi_request->Function == MPI2_FUNCTION_SCSI_IO_REQUEST)
781 			mpt3sas_base_put_smid_scsi_io(ioc, smid,
782 			    le16_to_cpu(mpi_request->FunctionDependent1));
783 		else
784 			mpt3sas_base_put_smid_default(ioc, smid);
785 		break;
786 	}
787 	case MPI2_FUNCTION_SCSI_TASK_MGMT:
788 	{
789 		Mpi2SCSITaskManagementRequest_t *tm_request =
790 		    (Mpi2SCSITaskManagementRequest_t *)request;
791 
792 		dtmprintk(ioc, pr_info(MPT3SAS_FMT
793 			"TASK_MGMT: handle(0x%04x), task_type(0x%02x)\n",
794 			ioc->name,
795 		    le16_to_cpu(tm_request->DevHandle), tm_request->TaskType));
796 
797 		if (tm_request->TaskType ==
798 		    MPI2_SCSITASKMGMT_TASKTYPE_ABORT_TASK ||
799 		    tm_request->TaskType ==
800 		    MPI2_SCSITASKMGMT_TASKTYPE_QUERY_TASK) {
801 			if (_ctl_set_task_mid(ioc, &karg, tm_request)) {
802 				mpt3sas_base_free_smid(ioc, smid);
803 				goto out;
804 			}
805 		}
806 
807 		mpt3sas_scsih_set_tm_flag(ioc, le16_to_cpu(
808 		    tm_request->DevHandle));
809 		ioc->build_sg_mpi(ioc, psge, data_out_dma, data_out_sz,
810 		    data_in_dma, data_in_sz);
811 		mpt3sas_base_put_smid_hi_priority(ioc, smid);
812 		break;
813 	}
814 	case MPI2_FUNCTION_SMP_PASSTHROUGH:
815 	{
816 		Mpi2SmpPassthroughRequest_t *smp_request =
817 		    (Mpi2SmpPassthroughRequest_t *)mpi_request;
818 		u8 *data;
819 
820 		/* ioc determines which port to use */
821 		smp_request->PhysicalPort = 0xFF;
822 		if (smp_request->PassthroughFlags &
823 		    MPI2_SMP_PT_REQ_PT_FLAGS_IMMEDIATE)
824 			data = (u8 *)&smp_request->SGL;
825 		else {
826 			if (unlikely(data_out == NULL)) {
827 				pr_err("failure at %s:%d/%s()!\n",
828 				    __FILE__, __LINE__, __func__);
829 				mpt3sas_base_free_smid(ioc, smid);
830 				ret = -EINVAL;
831 				goto out;
832 			}
833 			data = data_out;
834 		}
835 
836 		if (data[1] == 0x91 && (data[10] == 1 || data[10] == 2)) {
837 			ioc->ioc_link_reset_in_progress = 1;
838 			ioc->ignore_loginfos = 1;
839 		}
840 		ioc->build_sg(ioc, psge, data_out_dma, data_out_sz, data_in_dma,
841 		    data_in_sz);
842 		mpt3sas_base_put_smid_default(ioc, smid);
843 		break;
844 	}
845 	case MPI2_FUNCTION_SATA_PASSTHROUGH:
846 	case MPI2_FUNCTION_FW_DOWNLOAD:
847 	case MPI2_FUNCTION_FW_UPLOAD:
848 	{
849 		ioc->build_sg(ioc, psge, data_out_dma, data_out_sz, data_in_dma,
850 		    data_in_sz);
851 		mpt3sas_base_put_smid_default(ioc, smid);
852 		break;
853 	}
854 	case MPI2_FUNCTION_TOOLBOX:
855 	{
856 		Mpi2ToolboxCleanRequest_t *toolbox_request =
857 			(Mpi2ToolboxCleanRequest_t *)mpi_request;
858 
859 		if (toolbox_request->Tool == MPI2_TOOLBOX_DIAGNOSTIC_CLI_TOOL) {
860 			ioc->build_sg(ioc, psge, data_out_dma, data_out_sz,
861 				data_in_dma, data_in_sz);
862 		} else {
863 			ioc->build_sg_mpi(ioc, psge, data_out_dma, data_out_sz,
864 				data_in_dma, data_in_sz);
865 		}
866 		mpt3sas_base_put_smid_default(ioc, smid);
867 		break;
868 	}
869 	case MPI2_FUNCTION_SAS_IO_UNIT_CONTROL:
870 	{
871 		Mpi2SasIoUnitControlRequest_t *sasiounit_request =
872 		    (Mpi2SasIoUnitControlRequest_t *)mpi_request;
873 
874 		if (sasiounit_request->Operation == MPI2_SAS_OP_PHY_HARD_RESET
875 		    || sasiounit_request->Operation ==
876 		    MPI2_SAS_OP_PHY_LINK_RESET) {
877 			ioc->ioc_link_reset_in_progress = 1;
878 			ioc->ignore_loginfos = 1;
879 		}
880 		/* drop to default case for posting the request */
881 	}
882 	default:
883 		ioc->build_sg_mpi(ioc, psge, data_out_dma, data_out_sz,
884 		    data_in_dma, data_in_sz);
885 		mpt3sas_base_put_smid_default(ioc, smid);
886 		break;
887 	}
888 
889 	if (karg.timeout < MPT3_IOCTL_DEFAULT_TIMEOUT)
890 		timeout = MPT3_IOCTL_DEFAULT_TIMEOUT;
891 	else
892 		timeout = karg.timeout;
893 	timeleft = wait_for_completion_timeout(&ioc->ctl_cmds.done,
894 	    timeout*HZ);
895 	if (mpi_request->Function == MPI2_FUNCTION_SCSI_TASK_MGMT) {
896 		Mpi2SCSITaskManagementRequest_t *tm_request =
897 		    (Mpi2SCSITaskManagementRequest_t *)mpi_request;
898 		mpt3sas_scsih_clear_tm_flag(ioc, le16_to_cpu(
899 		    tm_request->DevHandle));
900 		mpt3sas_trigger_master(ioc, MASTER_TRIGGER_TASK_MANAGMENT);
901 	} else if ((mpi_request->Function == MPI2_FUNCTION_SMP_PASSTHROUGH ||
902 	    mpi_request->Function == MPI2_FUNCTION_SAS_IO_UNIT_CONTROL) &&
903 		ioc->ioc_link_reset_in_progress) {
904 		ioc->ioc_link_reset_in_progress = 0;
905 		ioc->ignore_loginfos = 0;
906 	}
907 	if (!(ioc->ctl_cmds.status & MPT3_CMD_COMPLETE)) {
908 		pr_err(MPT3SAS_FMT "%s: timeout\n", ioc->name,
909 		    __func__);
910 		_debug_dump_mf(mpi_request, karg.data_sge_offset);
911 		if (!(ioc->ctl_cmds.status & MPT3_CMD_RESET))
912 			issue_reset = 1;
913 		goto issue_host_reset;
914 	}
915 
916 	mpi_reply = ioc->ctl_cmds.reply;
917 	ioc_status = le16_to_cpu(mpi_reply->IOCStatus) & MPI2_IOCSTATUS_MASK;
918 
919 #ifdef CONFIG_SCSI_MPT3SAS_LOGGING
920 	if (mpi_reply->Function == MPI2_FUNCTION_SCSI_TASK_MGMT &&
921 	    (ioc->logging_level & MPT_DEBUG_TM)) {
922 		Mpi2SCSITaskManagementReply_t *tm_reply =
923 		    (Mpi2SCSITaskManagementReply_t *)mpi_reply;
924 
925 		pr_info(MPT3SAS_FMT "TASK_MGMT: " \
926 		    "IOCStatus(0x%04x), IOCLogInfo(0x%08x), "
927 		    "TerminationCount(0x%08x)\n", ioc->name,
928 		    le16_to_cpu(tm_reply->IOCStatus),
929 		    le32_to_cpu(tm_reply->IOCLogInfo),
930 		    le32_to_cpu(tm_reply->TerminationCount));
931 	}
932 #endif
933 	/* copy out xdata to user */
934 	if (data_in_sz) {
935 		if (copy_to_user(karg.data_in_buf_ptr, data_in,
936 		    data_in_sz)) {
937 			pr_err("failure at %s:%d/%s()!\n", __FILE__,
938 			    __LINE__, __func__);
939 			ret = -ENODATA;
940 			goto out;
941 		}
942 	}
943 
944 	/* copy out reply message frame to user */
945 	if (karg.max_reply_bytes) {
946 		sz = min_t(u32, karg.max_reply_bytes, ioc->reply_sz);
947 		if (copy_to_user(karg.reply_frame_buf_ptr, ioc->ctl_cmds.reply,
948 		    sz)) {
949 			pr_err("failure at %s:%d/%s()!\n", __FILE__,
950 			    __LINE__, __func__);
951 			ret = -ENODATA;
952 			goto out;
953 		}
954 	}
955 
956 	/* copy out sense to user */
957 	if (karg.max_sense_bytes && (mpi_request->Function ==
958 	    MPI2_FUNCTION_SCSI_IO_REQUEST || mpi_request->Function ==
959 	    MPI2_FUNCTION_RAID_SCSI_IO_PASSTHROUGH)) {
960 		sz = min_t(u32, karg.max_sense_bytes, SCSI_SENSE_BUFFERSIZE);
961 		if (copy_to_user(karg.sense_data_ptr, ioc->ctl_cmds.sense,
962 		    sz)) {
963 			pr_err("failure at %s:%d/%s()!\n", __FILE__,
964 			    __LINE__, __func__);
965 			ret = -ENODATA;
966 			goto out;
967 		}
968 	}
969 
970  issue_host_reset:
971 	if (issue_reset) {
972 		ret = -ENODATA;
973 		if ((mpi_request->Function == MPI2_FUNCTION_SCSI_IO_REQUEST ||
974 		    mpi_request->Function ==
975 		    MPI2_FUNCTION_RAID_SCSI_IO_PASSTHROUGH ||
976 		    mpi_request->Function == MPI2_FUNCTION_SATA_PASSTHROUGH)) {
977 			pr_info(MPT3SAS_FMT "issue target reset: handle = (0x%04x)\n",
978 				ioc->name,
979 				le16_to_cpu(mpi_request->FunctionDependent1));
980 			mpt3sas_halt_firmware(ioc);
981 			mpt3sas_scsih_issue_tm(ioc,
982 			    le16_to_cpu(mpi_request->FunctionDependent1), 0, 0,
983 			    0, MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET, 0, 30,
984 			    TM_MUTEX_ON);
985 		} else
986 			mpt3sas_base_hard_reset_handler(ioc, CAN_SLEEP,
987 			    FORCE_BIG_HAMMER);
988 	}
989 
990  out:
991 
992 	/* free memory associated with sg buffers */
993 	if (data_in)
994 		pci_free_consistent(ioc->pdev, data_in_sz, data_in,
995 		    data_in_dma);
996 
997 	if (data_out)
998 		pci_free_consistent(ioc->pdev, data_out_sz, data_out,
999 		    data_out_dma);
1000 
1001 	kfree(mpi_request);
1002 	ioc->ctl_cmds.status = MPT3_CMD_NOT_USED;
1003 	return ret;
1004 }
1005 
1006 /**
1007  * _ctl_getiocinfo - main handler for MPT3IOCINFO opcode
1008  * @ioc: per adapter object
1009  * @arg - user space buffer containing ioctl content
1010  */
1011 static long
1012 _ctl_getiocinfo(struct MPT3SAS_ADAPTER *ioc, void __user *arg)
1013 {
1014 	struct mpt3_ioctl_iocinfo karg;
1015 
1016 	if (copy_from_user(&karg, arg, sizeof(karg))) {
1017 		pr_err("failure at %s:%d/%s()!\n",
1018 		    __FILE__, __LINE__, __func__);
1019 		return -EFAULT;
1020 	}
1021 
1022 	dctlprintk(ioc, pr_info(MPT3SAS_FMT "%s: enter\n", ioc->name,
1023 	    __func__));
1024 
1025 	memset(&karg, 0 , sizeof(karg));
1026 	karg.adapter_type = MPT3_IOCTL_INTERFACE_SAS3;
1027 	if (ioc->pfacts)
1028 		karg.port_number = ioc->pfacts[0].PortNumber;
1029 	karg.hw_rev = ioc->pdev->revision;
1030 	karg.pci_id = ioc->pdev->device;
1031 	karg.subsystem_device = ioc->pdev->subsystem_device;
1032 	karg.subsystem_vendor = ioc->pdev->subsystem_vendor;
1033 	karg.pci_information.u.bits.bus = ioc->pdev->bus->number;
1034 	karg.pci_information.u.bits.device = PCI_SLOT(ioc->pdev->devfn);
1035 	karg.pci_information.u.bits.function = PCI_FUNC(ioc->pdev->devfn);
1036 	karg.pci_information.segment_id = pci_domain_nr(ioc->pdev->bus);
1037 	karg.firmware_version = ioc->facts.FWVersion.Word;
1038 	strcpy(karg.driver_version, MPT3SAS_DRIVER_NAME);
1039 	strcat(karg.driver_version, "-");
1040 	strcat(karg.driver_version, MPT3SAS_DRIVER_VERSION);
1041 	karg.bios_version = le32_to_cpu(ioc->bios_pg3.BiosVersion);
1042 
1043 	if (copy_to_user(arg, &karg, sizeof(karg))) {
1044 		pr_err("failure at %s:%d/%s()!\n",
1045 		    __FILE__, __LINE__, __func__);
1046 		return -EFAULT;
1047 	}
1048 	return 0;
1049 }
1050 
1051 /**
1052  * _ctl_eventquery - main handler for MPT3EVENTQUERY opcode
1053  * @ioc: per adapter object
1054  * @arg - user space buffer containing ioctl content
1055  */
1056 static long
1057 _ctl_eventquery(struct MPT3SAS_ADAPTER *ioc, void __user *arg)
1058 {
1059 	struct mpt3_ioctl_eventquery karg;
1060 
1061 	if (copy_from_user(&karg, arg, sizeof(karg))) {
1062 		pr_err("failure at %s:%d/%s()!\n",
1063 		    __FILE__, __LINE__, __func__);
1064 		return -EFAULT;
1065 	}
1066 
1067 	dctlprintk(ioc, pr_info(MPT3SAS_FMT "%s: enter\n", ioc->name,
1068 	    __func__));
1069 
1070 	karg.event_entries = MPT3SAS_CTL_EVENT_LOG_SIZE;
1071 	memcpy(karg.event_types, ioc->event_type,
1072 	    MPI2_EVENT_NOTIFY_EVENTMASK_WORDS * sizeof(u32));
1073 
1074 	if (copy_to_user(arg, &karg, sizeof(karg))) {
1075 		pr_err("failure at %s:%d/%s()!\n",
1076 		    __FILE__, __LINE__, __func__);
1077 		return -EFAULT;
1078 	}
1079 	return 0;
1080 }
1081 
1082 /**
1083  * _ctl_eventenable - main handler for MPT3EVENTENABLE opcode
1084  * @ioc: per adapter object
1085  * @arg - user space buffer containing ioctl content
1086  */
1087 static long
1088 _ctl_eventenable(struct MPT3SAS_ADAPTER *ioc, void __user *arg)
1089 {
1090 	struct mpt3_ioctl_eventenable karg;
1091 
1092 	if (copy_from_user(&karg, arg, sizeof(karg))) {
1093 		pr_err("failure at %s:%d/%s()!\n",
1094 		    __FILE__, __LINE__, __func__);
1095 		return -EFAULT;
1096 	}
1097 
1098 	dctlprintk(ioc, pr_info(MPT3SAS_FMT "%s: enter\n", ioc->name,
1099 	    __func__));
1100 
1101 	memcpy(ioc->event_type, karg.event_types,
1102 	    MPI2_EVENT_NOTIFY_EVENTMASK_WORDS * sizeof(u32));
1103 	mpt3sas_base_validate_event_type(ioc, ioc->event_type);
1104 
1105 	if (ioc->event_log)
1106 		return 0;
1107 	/* initialize event_log */
1108 	ioc->event_context = 0;
1109 	ioc->aen_event_read_flag = 0;
1110 	ioc->event_log = kcalloc(MPT3SAS_CTL_EVENT_LOG_SIZE,
1111 	    sizeof(struct MPT3_IOCTL_EVENTS), GFP_KERNEL);
1112 	if (!ioc->event_log) {
1113 		pr_err("failure at %s:%d/%s()!\n",
1114 		    __FILE__, __LINE__, __func__);
1115 		return -ENOMEM;
1116 	}
1117 	return 0;
1118 }
1119 
1120 /**
1121  * _ctl_eventreport - main handler for MPT3EVENTREPORT opcode
1122  * @ioc: per adapter object
1123  * @arg - user space buffer containing ioctl content
1124  */
1125 static long
1126 _ctl_eventreport(struct MPT3SAS_ADAPTER *ioc, void __user *arg)
1127 {
1128 	struct mpt3_ioctl_eventreport karg;
1129 	u32 number_bytes, max_events, max;
1130 	struct mpt3_ioctl_eventreport __user *uarg = arg;
1131 
1132 	if (copy_from_user(&karg, arg, sizeof(karg))) {
1133 		pr_err("failure at %s:%d/%s()!\n",
1134 		    __FILE__, __LINE__, __func__);
1135 		return -EFAULT;
1136 	}
1137 
1138 	dctlprintk(ioc, pr_info(MPT3SAS_FMT "%s: enter\n", ioc->name,
1139 	    __func__));
1140 
1141 	number_bytes = karg.hdr.max_data_size -
1142 	    sizeof(struct mpt3_ioctl_header);
1143 	max_events = number_bytes/sizeof(struct MPT3_IOCTL_EVENTS);
1144 	max = min_t(u32, MPT3SAS_CTL_EVENT_LOG_SIZE, max_events);
1145 
1146 	/* If fewer than 1 event is requested, there must have
1147 	 * been some type of error.
1148 	 */
1149 	if (!max || !ioc->event_log)
1150 		return -ENODATA;
1151 
1152 	number_bytes = max * sizeof(struct MPT3_IOCTL_EVENTS);
1153 	if (copy_to_user(uarg->event_data, ioc->event_log, number_bytes)) {
1154 		pr_err("failure at %s:%d/%s()!\n",
1155 		    __FILE__, __LINE__, __func__);
1156 		return -EFAULT;
1157 	}
1158 
1159 	/* reset flag so SIGIO can restart */
1160 	ioc->aen_event_read_flag = 0;
1161 	return 0;
1162 }
1163 
1164 /**
1165  * _ctl_do_reset - main handler for MPT3HARDRESET opcode
1166  * @ioc: per adapter object
1167  * @arg - user space buffer containing ioctl content
1168  */
1169 static long
1170 _ctl_do_reset(struct MPT3SAS_ADAPTER *ioc, void __user *arg)
1171 {
1172 	struct mpt3_ioctl_diag_reset karg;
1173 	int retval;
1174 
1175 	if (copy_from_user(&karg, arg, sizeof(karg))) {
1176 		pr_err("failure at %s:%d/%s()!\n",
1177 		    __FILE__, __LINE__, __func__);
1178 		return -EFAULT;
1179 	}
1180 
1181 	if (ioc->shost_recovery || ioc->pci_error_recovery ||
1182 	    ioc->is_driver_loading)
1183 		return -EAGAIN;
1184 
1185 	dctlprintk(ioc, pr_info(MPT3SAS_FMT "%s: enter\n", ioc->name,
1186 	    __func__));
1187 
1188 	retval = mpt3sas_base_hard_reset_handler(ioc, CAN_SLEEP,
1189 	    FORCE_BIG_HAMMER);
1190 	pr_info(MPT3SAS_FMT "host reset: %s\n",
1191 	    ioc->name, ((!retval) ? "SUCCESS" : "FAILED"));
1192 	return 0;
1193 }
1194 
1195 /**
1196  * _ctl_btdh_search_sas_device - searching for sas device
1197  * @ioc: per adapter object
1198  * @btdh: btdh ioctl payload
1199  */
1200 static int
1201 _ctl_btdh_search_sas_device(struct MPT3SAS_ADAPTER *ioc,
1202 	struct mpt3_ioctl_btdh_mapping *btdh)
1203 {
1204 	struct _sas_device *sas_device;
1205 	unsigned long flags;
1206 	int rc = 0;
1207 
1208 	if (list_empty(&ioc->sas_device_list))
1209 		return rc;
1210 
1211 	spin_lock_irqsave(&ioc->sas_device_lock, flags);
1212 	list_for_each_entry(sas_device, &ioc->sas_device_list, list) {
1213 		if (btdh->bus == 0xFFFFFFFF && btdh->id == 0xFFFFFFFF &&
1214 		    btdh->handle == sas_device->handle) {
1215 			btdh->bus = sas_device->channel;
1216 			btdh->id = sas_device->id;
1217 			rc = 1;
1218 			goto out;
1219 		} else if (btdh->bus == sas_device->channel && btdh->id ==
1220 		    sas_device->id && btdh->handle == 0xFFFF) {
1221 			btdh->handle = sas_device->handle;
1222 			rc = 1;
1223 			goto out;
1224 		}
1225 	}
1226  out:
1227 	spin_unlock_irqrestore(&ioc->sas_device_lock, flags);
1228 	return rc;
1229 }
1230 
1231 /**
1232  * _ctl_btdh_search_raid_device - searching for raid device
1233  * @ioc: per adapter object
1234  * @btdh: btdh ioctl payload
1235  */
1236 static int
1237 _ctl_btdh_search_raid_device(struct MPT3SAS_ADAPTER *ioc,
1238 	struct mpt3_ioctl_btdh_mapping *btdh)
1239 {
1240 	struct _raid_device *raid_device;
1241 	unsigned long flags;
1242 	int rc = 0;
1243 
1244 	if (list_empty(&ioc->raid_device_list))
1245 		return rc;
1246 
1247 	spin_lock_irqsave(&ioc->raid_device_lock, flags);
1248 	list_for_each_entry(raid_device, &ioc->raid_device_list, list) {
1249 		if (btdh->bus == 0xFFFFFFFF && btdh->id == 0xFFFFFFFF &&
1250 		    btdh->handle == raid_device->handle) {
1251 			btdh->bus = raid_device->channel;
1252 			btdh->id = raid_device->id;
1253 			rc = 1;
1254 			goto out;
1255 		} else if (btdh->bus == raid_device->channel && btdh->id ==
1256 		    raid_device->id && btdh->handle == 0xFFFF) {
1257 			btdh->handle = raid_device->handle;
1258 			rc = 1;
1259 			goto out;
1260 		}
1261 	}
1262  out:
1263 	spin_unlock_irqrestore(&ioc->raid_device_lock, flags);
1264 	return rc;
1265 }
1266 
1267 /**
1268  * _ctl_btdh_mapping - main handler for MPT3BTDHMAPPING opcode
1269  * @ioc: per adapter object
1270  * @arg - user space buffer containing ioctl content
1271  */
1272 static long
1273 _ctl_btdh_mapping(struct MPT3SAS_ADAPTER *ioc, void __user *arg)
1274 {
1275 	struct mpt3_ioctl_btdh_mapping karg;
1276 	int rc;
1277 
1278 	if (copy_from_user(&karg, arg, sizeof(karg))) {
1279 		pr_err("failure at %s:%d/%s()!\n",
1280 		    __FILE__, __LINE__, __func__);
1281 		return -EFAULT;
1282 	}
1283 
1284 	dctlprintk(ioc, pr_info(MPT3SAS_FMT "%s\n", ioc->name,
1285 	    __func__));
1286 
1287 	rc = _ctl_btdh_search_sas_device(ioc, &karg);
1288 	if (!rc)
1289 		_ctl_btdh_search_raid_device(ioc, &karg);
1290 
1291 	if (copy_to_user(arg, &karg, sizeof(karg))) {
1292 		pr_err("failure at %s:%d/%s()!\n",
1293 		    __FILE__, __LINE__, __func__);
1294 		return -EFAULT;
1295 	}
1296 	return 0;
1297 }
1298 
1299 /**
1300  * _ctl_diag_capability - return diag buffer capability
1301  * @ioc: per adapter object
1302  * @buffer_type: specifies either TRACE, SNAPSHOT, or EXTENDED
1303  *
1304  * returns 1 when diag buffer support is enabled in firmware
1305  */
1306 static u8
1307 _ctl_diag_capability(struct MPT3SAS_ADAPTER *ioc, u8 buffer_type)
1308 {
1309 	u8 rc = 0;
1310 
1311 	switch (buffer_type) {
1312 	case MPI2_DIAG_BUF_TYPE_TRACE:
1313 		if (ioc->facts.IOCCapabilities &
1314 		    MPI2_IOCFACTS_CAPABILITY_DIAG_TRACE_BUFFER)
1315 			rc = 1;
1316 		break;
1317 	case MPI2_DIAG_BUF_TYPE_SNAPSHOT:
1318 		if (ioc->facts.IOCCapabilities &
1319 		    MPI2_IOCFACTS_CAPABILITY_SNAPSHOT_BUFFER)
1320 			rc = 1;
1321 		break;
1322 	case MPI2_DIAG_BUF_TYPE_EXTENDED:
1323 		if (ioc->facts.IOCCapabilities &
1324 		    MPI2_IOCFACTS_CAPABILITY_EXTENDED_BUFFER)
1325 			rc = 1;
1326 	}
1327 
1328 	return rc;
1329 }
1330 
1331 
1332 /**
1333  * _ctl_diag_register_2 - wrapper for registering diag buffer support
1334  * @ioc: per adapter object
1335  * @diag_register: the diag_register struct passed in from user space
1336  *
1337  */
1338 static long
1339 _ctl_diag_register_2(struct MPT3SAS_ADAPTER *ioc,
1340 	struct mpt3_diag_register *diag_register)
1341 {
1342 	int rc, i;
1343 	void *request_data = NULL;
1344 	dma_addr_t request_data_dma;
1345 	u32 request_data_sz = 0;
1346 	Mpi2DiagBufferPostRequest_t *mpi_request;
1347 	Mpi2DiagBufferPostReply_t *mpi_reply;
1348 	u8 buffer_type;
1349 	unsigned long timeleft;
1350 	u16 smid;
1351 	u16 ioc_status;
1352 	u32 ioc_state;
1353 	u8 issue_reset = 0;
1354 
1355 	dctlprintk(ioc, pr_info(MPT3SAS_FMT "%s\n", ioc->name,
1356 	    __func__));
1357 
1358 	ioc_state = mpt3sas_base_get_iocstate(ioc, 1);
1359 	if (ioc_state != MPI2_IOC_STATE_OPERATIONAL) {
1360 		pr_err(MPT3SAS_FMT
1361 		    "%s: failed due to ioc not operational\n",
1362 		    ioc->name, __func__);
1363 		rc = -EAGAIN;
1364 		goto out;
1365 	}
1366 
1367 	if (ioc->ctl_cmds.status != MPT3_CMD_NOT_USED) {
1368 		pr_err(MPT3SAS_FMT "%s: ctl_cmd in use\n",
1369 		    ioc->name, __func__);
1370 		rc = -EAGAIN;
1371 		goto out;
1372 	}
1373 
1374 	buffer_type = diag_register->buffer_type;
1375 	if (!_ctl_diag_capability(ioc, buffer_type)) {
1376 		pr_err(MPT3SAS_FMT
1377 			"%s: doesn't have capability for buffer_type(0x%02x)\n",
1378 			ioc->name, __func__, buffer_type);
1379 		return -EPERM;
1380 	}
1381 
1382 	if (ioc->diag_buffer_status[buffer_type] &
1383 	    MPT3_DIAG_BUFFER_IS_REGISTERED) {
1384 		pr_err(MPT3SAS_FMT
1385 			"%s: already has a registered buffer for buffer_type(0x%02x)\n",
1386 			ioc->name, __func__,
1387 		    buffer_type);
1388 		return -EINVAL;
1389 	}
1390 
1391 	if (diag_register->requested_buffer_size % 4)  {
1392 		pr_err(MPT3SAS_FMT
1393 			"%s: the requested_buffer_size is not 4 byte aligned\n",
1394 			ioc->name, __func__);
1395 		return -EINVAL;
1396 	}
1397 
1398 	smid = mpt3sas_base_get_smid(ioc, ioc->ctl_cb_idx);
1399 	if (!smid) {
1400 		pr_err(MPT3SAS_FMT "%s: failed obtaining a smid\n",
1401 		    ioc->name, __func__);
1402 		rc = -EAGAIN;
1403 		goto out;
1404 	}
1405 
1406 	rc = 0;
1407 	ioc->ctl_cmds.status = MPT3_CMD_PENDING;
1408 	memset(ioc->ctl_cmds.reply, 0, ioc->reply_sz);
1409 	mpi_request = mpt3sas_base_get_msg_frame(ioc, smid);
1410 	ioc->ctl_cmds.smid = smid;
1411 
1412 	request_data = ioc->diag_buffer[buffer_type];
1413 	request_data_sz = diag_register->requested_buffer_size;
1414 	ioc->unique_id[buffer_type] = diag_register->unique_id;
1415 	ioc->diag_buffer_status[buffer_type] = 0;
1416 	memcpy(ioc->product_specific[buffer_type],
1417 	    diag_register->product_specific, MPT3_PRODUCT_SPECIFIC_DWORDS);
1418 	ioc->diagnostic_flags[buffer_type] = diag_register->diagnostic_flags;
1419 
1420 	if (request_data) {
1421 		request_data_dma = ioc->diag_buffer_dma[buffer_type];
1422 		if (request_data_sz != ioc->diag_buffer_sz[buffer_type]) {
1423 			pci_free_consistent(ioc->pdev,
1424 			    ioc->diag_buffer_sz[buffer_type],
1425 			    request_data, request_data_dma);
1426 			request_data = NULL;
1427 		}
1428 	}
1429 
1430 	if (request_data == NULL) {
1431 		ioc->diag_buffer_sz[buffer_type] = 0;
1432 		ioc->diag_buffer_dma[buffer_type] = 0;
1433 		request_data = pci_alloc_consistent(
1434 			ioc->pdev, request_data_sz, &request_data_dma);
1435 		if (request_data == NULL) {
1436 			pr_err(MPT3SAS_FMT "%s: failed allocating memory" \
1437 			    " for diag buffers, requested size(%d)\n",
1438 			    ioc->name, __func__, request_data_sz);
1439 			mpt3sas_base_free_smid(ioc, smid);
1440 			return -ENOMEM;
1441 		}
1442 		ioc->diag_buffer[buffer_type] = request_data;
1443 		ioc->diag_buffer_sz[buffer_type] = request_data_sz;
1444 		ioc->diag_buffer_dma[buffer_type] = request_data_dma;
1445 	}
1446 
1447 	mpi_request->Function = MPI2_FUNCTION_DIAG_BUFFER_POST;
1448 	mpi_request->BufferType = diag_register->buffer_type;
1449 	mpi_request->Flags = cpu_to_le32(diag_register->diagnostic_flags);
1450 	mpi_request->BufferAddress = cpu_to_le64(request_data_dma);
1451 	mpi_request->BufferLength = cpu_to_le32(request_data_sz);
1452 	mpi_request->VF_ID = 0; /* TODO */
1453 	mpi_request->VP_ID = 0;
1454 
1455 	dctlprintk(ioc, pr_info(MPT3SAS_FMT
1456 		"%s: diag_buffer(0x%p), dma(0x%llx), sz(%d)\n",
1457 		ioc->name, __func__, request_data,
1458 	    (unsigned long long)request_data_dma,
1459 	    le32_to_cpu(mpi_request->BufferLength)));
1460 
1461 	for (i = 0; i < MPT3_PRODUCT_SPECIFIC_DWORDS; i++)
1462 		mpi_request->ProductSpecific[i] =
1463 			cpu_to_le32(ioc->product_specific[buffer_type][i]);
1464 
1465 	init_completion(&ioc->ctl_cmds.done);
1466 	mpt3sas_base_put_smid_default(ioc, smid);
1467 	timeleft = wait_for_completion_timeout(&ioc->ctl_cmds.done,
1468 	    MPT3_IOCTL_DEFAULT_TIMEOUT*HZ);
1469 
1470 	if (!(ioc->ctl_cmds.status & MPT3_CMD_COMPLETE)) {
1471 		pr_err(MPT3SAS_FMT "%s: timeout\n", ioc->name,
1472 		    __func__);
1473 		_debug_dump_mf(mpi_request,
1474 		    sizeof(Mpi2DiagBufferPostRequest_t)/4);
1475 		if (!(ioc->ctl_cmds.status & MPT3_CMD_RESET))
1476 			issue_reset = 1;
1477 		goto issue_host_reset;
1478 	}
1479 
1480 	/* process the completed Reply Message Frame */
1481 	if ((ioc->ctl_cmds.status & MPT3_CMD_REPLY_VALID) == 0) {
1482 		pr_err(MPT3SAS_FMT "%s: no reply message\n",
1483 		    ioc->name, __func__);
1484 		rc = -EFAULT;
1485 		goto out;
1486 	}
1487 
1488 	mpi_reply = ioc->ctl_cmds.reply;
1489 	ioc_status = le16_to_cpu(mpi_reply->IOCStatus) & MPI2_IOCSTATUS_MASK;
1490 
1491 	if (ioc_status == MPI2_IOCSTATUS_SUCCESS) {
1492 		ioc->diag_buffer_status[buffer_type] |=
1493 			MPT3_DIAG_BUFFER_IS_REGISTERED;
1494 		dctlprintk(ioc, pr_info(MPT3SAS_FMT "%s: success\n",
1495 		    ioc->name, __func__));
1496 	} else {
1497 		pr_info(MPT3SAS_FMT
1498 			"%s: ioc_status(0x%04x) log_info(0x%08x)\n",
1499 			ioc->name, __func__,
1500 		    ioc_status, le32_to_cpu(mpi_reply->IOCLogInfo));
1501 		rc = -EFAULT;
1502 	}
1503 
1504  issue_host_reset:
1505 	if (issue_reset)
1506 		mpt3sas_base_hard_reset_handler(ioc, CAN_SLEEP,
1507 		    FORCE_BIG_HAMMER);
1508 
1509  out:
1510 
1511 	if (rc && request_data)
1512 		pci_free_consistent(ioc->pdev, request_data_sz,
1513 		    request_data, request_data_dma);
1514 
1515 	ioc->ctl_cmds.status = MPT3_CMD_NOT_USED;
1516 	return rc;
1517 }
1518 
1519 /**
1520  * mpt3sas_enable_diag_buffer - enabling diag_buffers support driver load time
1521  * @ioc: per adapter object
1522  * @bits_to_register: bitwise field where trace is bit 0, and snapshot is bit 1
1523  *
1524  * This is called when command line option diag_buffer_enable is enabled
1525  * at driver load time.
1526  */
1527 void
1528 mpt3sas_enable_diag_buffer(struct MPT3SAS_ADAPTER *ioc, u8 bits_to_register)
1529 {
1530 	struct mpt3_diag_register diag_register;
1531 
1532 	memset(&diag_register, 0, sizeof(struct mpt3_diag_register));
1533 
1534 	if (bits_to_register & 1) {
1535 		pr_info(MPT3SAS_FMT "registering trace buffer support\n",
1536 		    ioc->name);
1537 		ioc->diag_trigger_master.MasterData =
1538 		    (MASTER_TRIGGER_FW_FAULT + MASTER_TRIGGER_ADAPTER_RESET);
1539 		diag_register.buffer_type = MPI2_DIAG_BUF_TYPE_TRACE;
1540 		/* register for 2MB buffers  */
1541 		diag_register.requested_buffer_size = 2 * (1024 * 1024);
1542 		diag_register.unique_id = 0x7075900;
1543 		_ctl_diag_register_2(ioc,  &diag_register);
1544 	}
1545 
1546 	if (bits_to_register & 2) {
1547 		pr_info(MPT3SAS_FMT "registering snapshot buffer support\n",
1548 		    ioc->name);
1549 		diag_register.buffer_type = MPI2_DIAG_BUF_TYPE_SNAPSHOT;
1550 		/* register for 2MB buffers  */
1551 		diag_register.requested_buffer_size = 2 * (1024 * 1024);
1552 		diag_register.unique_id = 0x7075901;
1553 		_ctl_diag_register_2(ioc,  &diag_register);
1554 	}
1555 
1556 	if (bits_to_register & 4) {
1557 		pr_info(MPT3SAS_FMT "registering extended buffer support\n",
1558 		    ioc->name);
1559 		diag_register.buffer_type = MPI2_DIAG_BUF_TYPE_EXTENDED;
1560 		/* register for 2MB buffers  */
1561 		diag_register.requested_buffer_size = 2 * (1024 * 1024);
1562 		diag_register.unique_id = 0x7075901;
1563 		_ctl_diag_register_2(ioc,  &diag_register);
1564 	}
1565 }
1566 
1567 /**
1568  * _ctl_diag_register - application register with driver
1569  * @ioc: per adapter object
1570  * @arg - user space buffer containing ioctl content
1571  *
1572  * This will allow the driver to setup any required buffers that will be
1573  * needed by firmware to communicate with the driver.
1574  */
1575 static long
1576 _ctl_diag_register(struct MPT3SAS_ADAPTER *ioc, void __user *arg)
1577 {
1578 	struct mpt3_diag_register karg;
1579 	long rc;
1580 
1581 	if (copy_from_user(&karg, arg, sizeof(karg))) {
1582 		pr_err("failure at %s:%d/%s()!\n",
1583 		    __FILE__, __LINE__, __func__);
1584 		return -EFAULT;
1585 	}
1586 
1587 	rc = _ctl_diag_register_2(ioc, &karg);
1588 	return rc;
1589 }
1590 
1591 /**
1592  * _ctl_diag_unregister - application unregister with driver
1593  * @ioc: per adapter object
1594  * @arg - user space buffer containing ioctl content
1595  *
1596  * This will allow the driver to cleanup any memory allocated for diag
1597  * messages and to free up any resources.
1598  */
1599 static long
1600 _ctl_diag_unregister(struct MPT3SAS_ADAPTER *ioc, void __user *arg)
1601 {
1602 	struct mpt3_diag_unregister karg;
1603 	void *request_data;
1604 	dma_addr_t request_data_dma;
1605 	u32 request_data_sz;
1606 	u8 buffer_type;
1607 
1608 	if (copy_from_user(&karg, arg, sizeof(karg))) {
1609 		pr_err("failure at %s:%d/%s()!\n",
1610 		    __FILE__, __LINE__, __func__);
1611 		return -EFAULT;
1612 	}
1613 
1614 	dctlprintk(ioc, pr_info(MPT3SAS_FMT "%s\n", ioc->name,
1615 	    __func__));
1616 
1617 	buffer_type = karg.unique_id & 0x000000ff;
1618 	if (!_ctl_diag_capability(ioc, buffer_type)) {
1619 		pr_err(MPT3SAS_FMT
1620 			"%s: doesn't have capability for buffer_type(0x%02x)\n",
1621 			ioc->name, __func__, buffer_type);
1622 		return -EPERM;
1623 	}
1624 
1625 	if ((ioc->diag_buffer_status[buffer_type] &
1626 	    MPT3_DIAG_BUFFER_IS_REGISTERED) == 0) {
1627 		pr_err(MPT3SAS_FMT
1628 			"%s: buffer_type(0x%02x) is not registered\n",
1629 			ioc->name, __func__, buffer_type);
1630 		return -EINVAL;
1631 	}
1632 	if ((ioc->diag_buffer_status[buffer_type] &
1633 	    MPT3_DIAG_BUFFER_IS_RELEASED) == 0) {
1634 		pr_err(MPT3SAS_FMT
1635 			"%s: buffer_type(0x%02x) has not been released\n",
1636 			ioc->name, __func__, buffer_type);
1637 		return -EINVAL;
1638 	}
1639 
1640 	if (karg.unique_id != ioc->unique_id[buffer_type]) {
1641 		pr_err(MPT3SAS_FMT
1642 			"%s: unique_id(0x%08x) is not registered\n",
1643 			ioc->name, __func__, karg.unique_id);
1644 		return -EINVAL;
1645 	}
1646 
1647 	request_data = ioc->diag_buffer[buffer_type];
1648 	if (!request_data) {
1649 		pr_err(MPT3SAS_FMT
1650 			"%s: doesn't have memory allocated for buffer_type(0x%02x)\n",
1651 			ioc->name, __func__, buffer_type);
1652 		return -ENOMEM;
1653 	}
1654 
1655 	request_data_sz = ioc->diag_buffer_sz[buffer_type];
1656 	request_data_dma = ioc->diag_buffer_dma[buffer_type];
1657 	pci_free_consistent(ioc->pdev, request_data_sz,
1658 	    request_data, request_data_dma);
1659 	ioc->diag_buffer[buffer_type] = NULL;
1660 	ioc->diag_buffer_status[buffer_type] = 0;
1661 	return 0;
1662 }
1663 
1664 /**
1665  * _ctl_diag_query - query relevant info associated with diag buffers
1666  * @ioc: per adapter object
1667  * @arg - user space buffer containing ioctl content
1668  *
1669  * The application will send only buffer_type and unique_id.  Driver will
1670  * inspect unique_id first, if valid, fill in all the info.  If unique_id is
1671  * 0x00, the driver will return info specified by Buffer Type.
1672  */
1673 static long
1674 _ctl_diag_query(struct MPT3SAS_ADAPTER *ioc, void __user *arg)
1675 {
1676 	struct mpt3_diag_query karg;
1677 	void *request_data;
1678 	int i;
1679 	u8 buffer_type;
1680 
1681 	if (copy_from_user(&karg, arg, sizeof(karg))) {
1682 		pr_err("failure at %s:%d/%s()!\n",
1683 		    __FILE__, __LINE__, __func__);
1684 		return -EFAULT;
1685 	}
1686 
1687 	dctlprintk(ioc, pr_info(MPT3SAS_FMT "%s\n", ioc->name,
1688 	    __func__));
1689 
1690 	karg.application_flags = 0;
1691 	buffer_type = karg.buffer_type;
1692 
1693 	if (!_ctl_diag_capability(ioc, buffer_type)) {
1694 		pr_err(MPT3SAS_FMT
1695 			"%s: doesn't have capability for buffer_type(0x%02x)\n",
1696 			ioc->name, __func__, buffer_type);
1697 		return -EPERM;
1698 	}
1699 
1700 	if ((ioc->diag_buffer_status[buffer_type] &
1701 	    MPT3_DIAG_BUFFER_IS_REGISTERED) == 0) {
1702 		pr_err(MPT3SAS_FMT
1703 			"%s: buffer_type(0x%02x) is not registered\n",
1704 			ioc->name, __func__, buffer_type);
1705 		return -EINVAL;
1706 	}
1707 
1708 	if (karg.unique_id & 0xffffff00) {
1709 		if (karg.unique_id != ioc->unique_id[buffer_type]) {
1710 			pr_err(MPT3SAS_FMT
1711 				"%s: unique_id(0x%08x) is not registered\n",
1712 				ioc->name, __func__, karg.unique_id);
1713 			return -EINVAL;
1714 		}
1715 	}
1716 
1717 	request_data = ioc->diag_buffer[buffer_type];
1718 	if (!request_data) {
1719 		pr_err(MPT3SAS_FMT
1720 			"%s: doesn't have buffer for buffer_type(0x%02x)\n",
1721 			ioc->name, __func__, buffer_type);
1722 		return -ENOMEM;
1723 	}
1724 
1725 	if (ioc->diag_buffer_status[buffer_type] & MPT3_DIAG_BUFFER_IS_RELEASED)
1726 		karg.application_flags = (MPT3_APP_FLAGS_APP_OWNED |
1727 		    MPT3_APP_FLAGS_BUFFER_VALID);
1728 	else
1729 		karg.application_flags = (MPT3_APP_FLAGS_APP_OWNED |
1730 		    MPT3_APP_FLAGS_BUFFER_VALID |
1731 		    MPT3_APP_FLAGS_FW_BUFFER_ACCESS);
1732 
1733 	for (i = 0; i < MPT3_PRODUCT_SPECIFIC_DWORDS; i++)
1734 		karg.product_specific[i] =
1735 		    ioc->product_specific[buffer_type][i];
1736 
1737 	karg.total_buffer_size = ioc->diag_buffer_sz[buffer_type];
1738 	karg.driver_added_buffer_size = 0;
1739 	karg.unique_id = ioc->unique_id[buffer_type];
1740 	karg.diagnostic_flags = ioc->diagnostic_flags[buffer_type];
1741 
1742 	if (copy_to_user(arg, &karg, sizeof(struct mpt3_diag_query))) {
1743 		pr_err(MPT3SAS_FMT
1744 			"%s: unable to write mpt3_diag_query data @ %p\n",
1745 			ioc->name, __func__, arg);
1746 		return -EFAULT;
1747 	}
1748 	return 0;
1749 }
1750 
1751 /**
1752  * mpt3sas_send_diag_release - Diag Release Message
1753  * @ioc: per adapter object
1754  * @buffer_type - specifies either TRACE, SNAPSHOT, or EXTENDED
1755  * @issue_reset - specifies whether host reset is required.
1756  *
1757  */
1758 int
1759 mpt3sas_send_diag_release(struct MPT3SAS_ADAPTER *ioc, u8 buffer_type,
1760 	u8 *issue_reset)
1761 {
1762 	Mpi2DiagReleaseRequest_t *mpi_request;
1763 	Mpi2DiagReleaseReply_t *mpi_reply;
1764 	u16 smid;
1765 	u16 ioc_status;
1766 	u32 ioc_state;
1767 	int rc;
1768 	unsigned long timeleft;
1769 
1770 	dctlprintk(ioc, pr_info(MPT3SAS_FMT "%s\n", ioc->name,
1771 	    __func__));
1772 
1773 	rc = 0;
1774 	*issue_reset = 0;
1775 
1776 	ioc_state = mpt3sas_base_get_iocstate(ioc, 1);
1777 	if (ioc_state != MPI2_IOC_STATE_OPERATIONAL) {
1778 		if (ioc->diag_buffer_status[buffer_type] &
1779 		    MPT3_DIAG_BUFFER_IS_REGISTERED)
1780 			ioc->diag_buffer_status[buffer_type] |=
1781 			    MPT3_DIAG_BUFFER_IS_RELEASED;
1782 		dctlprintk(ioc, pr_info(MPT3SAS_FMT
1783 			"%s: skipping due to FAULT state\n", ioc->name,
1784 		    __func__));
1785 		rc = -EAGAIN;
1786 		goto out;
1787 	}
1788 
1789 	if (ioc->ctl_cmds.status != MPT3_CMD_NOT_USED) {
1790 		pr_err(MPT3SAS_FMT "%s: ctl_cmd in use\n",
1791 		    ioc->name, __func__);
1792 		rc = -EAGAIN;
1793 		goto out;
1794 	}
1795 
1796 	smid = mpt3sas_base_get_smid(ioc, ioc->ctl_cb_idx);
1797 	if (!smid) {
1798 		pr_err(MPT3SAS_FMT "%s: failed obtaining a smid\n",
1799 		    ioc->name, __func__);
1800 		rc = -EAGAIN;
1801 		goto out;
1802 	}
1803 
1804 	ioc->ctl_cmds.status = MPT3_CMD_PENDING;
1805 	memset(ioc->ctl_cmds.reply, 0, ioc->reply_sz);
1806 	mpi_request = mpt3sas_base_get_msg_frame(ioc, smid);
1807 	ioc->ctl_cmds.smid = smid;
1808 
1809 	mpi_request->Function = MPI2_FUNCTION_DIAG_RELEASE;
1810 	mpi_request->BufferType = buffer_type;
1811 	mpi_request->VF_ID = 0; /* TODO */
1812 	mpi_request->VP_ID = 0;
1813 
1814 	init_completion(&ioc->ctl_cmds.done);
1815 	mpt3sas_base_put_smid_default(ioc, smid);
1816 	timeleft = wait_for_completion_timeout(&ioc->ctl_cmds.done,
1817 	    MPT3_IOCTL_DEFAULT_TIMEOUT*HZ);
1818 
1819 	if (!(ioc->ctl_cmds.status & MPT3_CMD_COMPLETE)) {
1820 		pr_err(MPT3SAS_FMT "%s: timeout\n", ioc->name,
1821 		    __func__);
1822 		_debug_dump_mf(mpi_request,
1823 		    sizeof(Mpi2DiagReleaseRequest_t)/4);
1824 		if (!(ioc->ctl_cmds.status & MPT3_CMD_RESET))
1825 			*issue_reset = 1;
1826 		rc = -EFAULT;
1827 		goto out;
1828 	}
1829 
1830 	/* process the completed Reply Message Frame */
1831 	if ((ioc->ctl_cmds.status & MPT3_CMD_REPLY_VALID) == 0) {
1832 		pr_err(MPT3SAS_FMT "%s: no reply message\n",
1833 		    ioc->name, __func__);
1834 		rc = -EFAULT;
1835 		goto out;
1836 	}
1837 
1838 	mpi_reply = ioc->ctl_cmds.reply;
1839 	ioc_status = le16_to_cpu(mpi_reply->IOCStatus) & MPI2_IOCSTATUS_MASK;
1840 
1841 	if (ioc_status == MPI2_IOCSTATUS_SUCCESS) {
1842 		ioc->diag_buffer_status[buffer_type] |=
1843 		    MPT3_DIAG_BUFFER_IS_RELEASED;
1844 		dctlprintk(ioc, pr_info(MPT3SAS_FMT "%s: success\n",
1845 		    ioc->name, __func__));
1846 	} else {
1847 		pr_info(MPT3SAS_FMT
1848 			"%s: ioc_status(0x%04x) log_info(0x%08x)\n",
1849 			ioc->name, __func__,
1850 		    ioc_status, le32_to_cpu(mpi_reply->IOCLogInfo));
1851 		rc = -EFAULT;
1852 	}
1853 
1854  out:
1855 	ioc->ctl_cmds.status = MPT3_CMD_NOT_USED;
1856 	return rc;
1857 }
1858 
1859 /**
1860  * _ctl_diag_release - request to send Diag Release Message to firmware
1861  * @arg - user space buffer containing ioctl content
1862  *
1863  * This allows ownership of the specified buffer to returned to the driver,
1864  * allowing an application to read the buffer without fear that firmware is
1865  * overwritting information in the buffer.
1866  */
1867 static long
1868 _ctl_diag_release(struct MPT3SAS_ADAPTER *ioc, void __user *arg)
1869 {
1870 	struct mpt3_diag_release karg;
1871 	void *request_data;
1872 	int rc;
1873 	u8 buffer_type;
1874 	u8 issue_reset = 0;
1875 
1876 	if (copy_from_user(&karg, arg, sizeof(karg))) {
1877 		pr_err("failure at %s:%d/%s()!\n",
1878 		    __FILE__, __LINE__, __func__);
1879 		return -EFAULT;
1880 	}
1881 
1882 	dctlprintk(ioc, pr_info(MPT3SAS_FMT "%s\n", ioc->name,
1883 	    __func__));
1884 
1885 	buffer_type = karg.unique_id & 0x000000ff;
1886 	if (!_ctl_diag_capability(ioc, buffer_type)) {
1887 		pr_err(MPT3SAS_FMT
1888 			"%s: doesn't have capability for buffer_type(0x%02x)\n",
1889 			ioc->name, __func__, buffer_type);
1890 		return -EPERM;
1891 	}
1892 
1893 	if ((ioc->diag_buffer_status[buffer_type] &
1894 	    MPT3_DIAG_BUFFER_IS_REGISTERED) == 0) {
1895 		pr_err(MPT3SAS_FMT
1896 			"%s: buffer_type(0x%02x) is not registered\n",
1897 			ioc->name, __func__, buffer_type);
1898 		return -EINVAL;
1899 	}
1900 
1901 	if (karg.unique_id != ioc->unique_id[buffer_type]) {
1902 		pr_err(MPT3SAS_FMT
1903 			"%s: unique_id(0x%08x) is not registered\n",
1904 			ioc->name, __func__, karg.unique_id);
1905 		return -EINVAL;
1906 	}
1907 
1908 	if (ioc->diag_buffer_status[buffer_type] &
1909 	    MPT3_DIAG_BUFFER_IS_RELEASED) {
1910 		pr_err(MPT3SAS_FMT
1911 			"%s: buffer_type(0x%02x) is already released\n",
1912 			ioc->name, __func__,
1913 		    buffer_type);
1914 		return 0;
1915 	}
1916 
1917 	request_data = ioc->diag_buffer[buffer_type];
1918 
1919 	if (!request_data) {
1920 		pr_err(MPT3SAS_FMT
1921 			"%s: doesn't have memory allocated for buffer_type(0x%02x)\n",
1922 			ioc->name, __func__, buffer_type);
1923 		return -ENOMEM;
1924 	}
1925 
1926 	/* buffers were released by due to host reset */
1927 	if ((ioc->diag_buffer_status[buffer_type] &
1928 	    MPT3_DIAG_BUFFER_IS_DIAG_RESET)) {
1929 		ioc->diag_buffer_status[buffer_type] |=
1930 		    MPT3_DIAG_BUFFER_IS_RELEASED;
1931 		ioc->diag_buffer_status[buffer_type] &=
1932 		    ~MPT3_DIAG_BUFFER_IS_DIAG_RESET;
1933 		pr_err(MPT3SAS_FMT
1934 			"%s: buffer_type(0x%02x) was released due to host reset\n",
1935 			ioc->name, __func__, buffer_type);
1936 		return 0;
1937 	}
1938 
1939 	rc = mpt3sas_send_diag_release(ioc, buffer_type, &issue_reset);
1940 
1941 	if (issue_reset)
1942 		mpt3sas_base_hard_reset_handler(ioc, CAN_SLEEP,
1943 		    FORCE_BIG_HAMMER);
1944 
1945 	return rc;
1946 }
1947 
1948 /**
1949  * _ctl_diag_read_buffer - request for copy of the diag buffer
1950  * @ioc: per adapter object
1951  * @arg - user space buffer containing ioctl content
1952  */
1953 static long
1954 _ctl_diag_read_buffer(struct MPT3SAS_ADAPTER *ioc, void __user *arg)
1955 {
1956 	struct mpt3_diag_read_buffer karg;
1957 	struct mpt3_diag_read_buffer __user *uarg = arg;
1958 	void *request_data, *diag_data;
1959 	Mpi2DiagBufferPostRequest_t *mpi_request;
1960 	Mpi2DiagBufferPostReply_t *mpi_reply;
1961 	int rc, i;
1962 	u8 buffer_type;
1963 	unsigned long timeleft, request_size, copy_size;
1964 	u16 smid;
1965 	u16 ioc_status;
1966 	u8 issue_reset = 0;
1967 
1968 	if (copy_from_user(&karg, arg, sizeof(karg))) {
1969 		pr_err("failure at %s:%d/%s()!\n",
1970 		    __FILE__, __LINE__, __func__);
1971 		return -EFAULT;
1972 	}
1973 
1974 	dctlprintk(ioc, pr_info(MPT3SAS_FMT "%s\n", ioc->name,
1975 	    __func__));
1976 
1977 	buffer_type = karg.unique_id & 0x000000ff;
1978 	if (!_ctl_diag_capability(ioc, buffer_type)) {
1979 		pr_err(MPT3SAS_FMT
1980 			"%s: doesn't have capability for buffer_type(0x%02x)\n",
1981 			ioc->name, __func__, buffer_type);
1982 		return -EPERM;
1983 	}
1984 
1985 	if (karg.unique_id != ioc->unique_id[buffer_type]) {
1986 		pr_err(MPT3SAS_FMT
1987 			"%s: unique_id(0x%08x) is not registered\n",
1988 			ioc->name, __func__, karg.unique_id);
1989 		return -EINVAL;
1990 	}
1991 
1992 	request_data = ioc->diag_buffer[buffer_type];
1993 	if (!request_data) {
1994 		pr_err(MPT3SAS_FMT
1995 			"%s: doesn't have buffer for buffer_type(0x%02x)\n",
1996 			ioc->name, __func__, buffer_type);
1997 		return -ENOMEM;
1998 	}
1999 
2000 	request_size = ioc->diag_buffer_sz[buffer_type];
2001 
2002 	if ((karg.starting_offset % 4) || (karg.bytes_to_read % 4)) {
2003 		pr_err(MPT3SAS_FMT "%s: either the starting_offset " \
2004 		    "or bytes_to_read are not 4 byte aligned\n", ioc->name,
2005 		    __func__);
2006 		return -EINVAL;
2007 	}
2008 
2009 	if (karg.starting_offset > request_size)
2010 		return -EINVAL;
2011 
2012 	diag_data = (void *)(request_data + karg.starting_offset);
2013 	dctlprintk(ioc, pr_info(MPT3SAS_FMT
2014 		"%s: diag_buffer(%p), offset(%d), sz(%d)\n",
2015 		ioc->name, __func__,
2016 	    diag_data, karg.starting_offset, karg.bytes_to_read));
2017 
2018 	/* Truncate data on requests that are too large */
2019 	if ((diag_data + karg.bytes_to_read < diag_data) ||
2020 	    (diag_data + karg.bytes_to_read > request_data + request_size))
2021 		copy_size = request_size - karg.starting_offset;
2022 	else
2023 		copy_size = karg.bytes_to_read;
2024 
2025 	if (copy_to_user((void __user *)uarg->diagnostic_data,
2026 	    diag_data, copy_size)) {
2027 		pr_err(MPT3SAS_FMT
2028 			"%s: Unable to write mpt_diag_read_buffer_t data @ %p\n",
2029 			ioc->name, __func__, diag_data);
2030 		return -EFAULT;
2031 	}
2032 
2033 	if ((karg.flags & MPT3_FLAGS_REREGISTER) == 0)
2034 		return 0;
2035 
2036 	dctlprintk(ioc, pr_info(MPT3SAS_FMT
2037 		"%s: Reregister buffer_type(0x%02x)\n",
2038 		ioc->name, __func__, buffer_type));
2039 	if ((ioc->diag_buffer_status[buffer_type] &
2040 	    MPT3_DIAG_BUFFER_IS_RELEASED) == 0) {
2041 		dctlprintk(ioc, pr_info(MPT3SAS_FMT
2042 			"%s: buffer_type(0x%02x) is still registered\n",
2043 			ioc->name, __func__, buffer_type));
2044 		return 0;
2045 	}
2046 	/* Get a free request frame and save the message context.
2047 	*/
2048 
2049 	if (ioc->ctl_cmds.status != MPT3_CMD_NOT_USED) {
2050 		pr_err(MPT3SAS_FMT "%s: ctl_cmd in use\n",
2051 		    ioc->name, __func__);
2052 		rc = -EAGAIN;
2053 		goto out;
2054 	}
2055 
2056 	smid = mpt3sas_base_get_smid(ioc, ioc->ctl_cb_idx);
2057 	if (!smid) {
2058 		pr_err(MPT3SAS_FMT "%s: failed obtaining a smid\n",
2059 		    ioc->name, __func__);
2060 		rc = -EAGAIN;
2061 		goto out;
2062 	}
2063 
2064 	rc = 0;
2065 	ioc->ctl_cmds.status = MPT3_CMD_PENDING;
2066 	memset(ioc->ctl_cmds.reply, 0, ioc->reply_sz);
2067 	mpi_request = mpt3sas_base_get_msg_frame(ioc, smid);
2068 	ioc->ctl_cmds.smid = smid;
2069 
2070 	mpi_request->Function = MPI2_FUNCTION_DIAG_BUFFER_POST;
2071 	mpi_request->BufferType = buffer_type;
2072 	mpi_request->BufferLength =
2073 	    cpu_to_le32(ioc->diag_buffer_sz[buffer_type]);
2074 	mpi_request->BufferAddress =
2075 	    cpu_to_le64(ioc->diag_buffer_dma[buffer_type]);
2076 	for (i = 0; i < MPT3_PRODUCT_SPECIFIC_DWORDS; i++)
2077 		mpi_request->ProductSpecific[i] =
2078 			cpu_to_le32(ioc->product_specific[buffer_type][i]);
2079 	mpi_request->VF_ID = 0; /* TODO */
2080 	mpi_request->VP_ID = 0;
2081 
2082 	init_completion(&ioc->ctl_cmds.done);
2083 	mpt3sas_base_put_smid_default(ioc, smid);
2084 	timeleft = wait_for_completion_timeout(&ioc->ctl_cmds.done,
2085 	    MPT3_IOCTL_DEFAULT_TIMEOUT*HZ);
2086 
2087 	if (!(ioc->ctl_cmds.status & MPT3_CMD_COMPLETE)) {
2088 		pr_err(MPT3SAS_FMT "%s: timeout\n", ioc->name,
2089 		    __func__);
2090 		_debug_dump_mf(mpi_request,
2091 		    sizeof(Mpi2DiagBufferPostRequest_t)/4);
2092 		if (!(ioc->ctl_cmds.status & MPT3_CMD_RESET))
2093 			issue_reset = 1;
2094 		goto issue_host_reset;
2095 	}
2096 
2097 	/* process the completed Reply Message Frame */
2098 	if ((ioc->ctl_cmds.status & MPT3_CMD_REPLY_VALID) == 0) {
2099 		pr_err(MPT3SAS_FMT "%s: no reply message\n",
2100 		    ioc->name, __func__);
2101 		rc = -EFAULT;
2102 		goto out;
2103 	}
2104 
2105 	mpi_reply = ioc->ctl_cmds.reply;
2106 	ioc_status = le16_to_cpu(mpi_reply->IOCStatus) & MPI2_IOCSTATUS_MASK;
2107 
2108 	if (ioc_status == MPI2_IOCSTATUS_SUCCESS) {
2109 		ioc->diag_buffer_status[buffer_type] |=
2110 		    MPT3_DIAG_BUFFER_IS_REGISTERED;
2111 		dctlprintk(ioc, pr_info(MPT3SAS_FMT "%s: success\n",
2112 		    ioc->name, __func__));
2113 	} else {
2114 		pr_info(MPT3SAS_FMT
2115 			"%s: ioc_status(0x%04x) log_info(0x%08x)\n",
2116 			ioc->name, __func__,
2117 		    ioc_status, le32_to_cpu(mpi_reply->IOCLogInfo));
2118 		rc = -EFAULT;
2119 	}
2120 
2121  issue_host_reset:
2122 	if (issue_reset)
2123 		mpt3sas_base_hard_reset_handler(ioc, CAN_SLEEP,
2124 		    FORCE_BIG_HAMMER);
2125 
2126  out:
2127 
2128 	ioc->ctl_cmds.status = MPT3_CMD_NOT_USED;
2129 	return rc;
2130 }
2131 
2132 
2133 
2134 #ifdef CONFIG_COMPAT
2135 /**
2136  * _ctl_compat_mpt_command - convert 32bit pointers to 64bit.
2137  * @ioc: per adapter object
2138  * @cmd - ioctl opcode
2139  * @arg - (struct mpt3_ioctl_command32)
2140  *
2141  * MPT3COMMAND32 - Handle 32bit applications running on 64bit os.
2142  */
2143 static long
2144 _ctl_compat_mpt_command(struct MPT3SAS_ADAPTER *ioc, unsigned cmd,
2145 	void __user *arg)
2146 {
2147 	struct mpt3_ioctl_command32 karg32;
2148 	struct mpt3_ioctl_command32 __user *uarg;
2149 	struct mpt3_ioctl_command karg;
2150 
2151 	if (_IOC_SIZE(cmd) != sizeof(struct mpt3_ioctl_command32))
2152 		return -EINVAL;
2153 
2154 	uarg = (struct mpt3_ioctl_command32 __user *) arg;
2155 
2156 	if (copy_from_user(&karg32, (char __user *)arg, sizeof(karg32))) {
2157 		pr_err("failure at %s:%d/%s()!\n",
2158 		    __FILE__, __LINE__, __func__);
2159 		return -EFAULT;
2160 	}
2161 
2162 	memset(&karg, 0, sizeof(struct mpt3_ioctl_command));
2163 	karg.hdr.ioc_number = karg32.hdr.ioc_number;
2164 	karg.hdr.port_number = karg32.hdr.port_number;
2165 	karg.hdr.max_data_size = karg32.hdr.max_data_size;
2166 	karg.timeout = karg32.timeout;
2167 	karg.max_reply_bytes = karg32.max_reply_bytes;
2168 	karg.data_in_size = karg32.data_in_size;
2169 	karg.data_out_size = karg32.data_out_size;
2170 	karg.max_sense_bytes = karg32.max_sense_bytes;
2171 	karg.data_sge_offset = karg32.data_sge_offset;
2172 	karg.reply_frame_buf_ptr = compat_ptr(karg32.reply_frame_buf_ptr);
2173 	karg.data_in_buf_ptr = compat_ptr(karg32.data_in_buf_ptr);
2174 	karg.data_out_buf_ptr = compat_ptr(karg32.data_out_buf_ptr);
2175 	karg.sense_data_ptr = compat_ptr(karg32.sense_data_ptr);
2176 	return _ctl_do_mpt_command(ioc, karg, &uarg->mf);
2177 }
2178 #endif
2179 
2180 /**
2181  * _ctl_ioctl_main - main ioctl entry point
2182  * @file - (struct file)
2183  * @cmd - ioctl opcode
2184  * @arg -
2185  * compat - handles 32 bit applications in 64bit os
2186  */
2187 static long
2188 _ctl_ioctl_main(struct file *file, unsigned int cmd, void __user *arg,
2189 	u8 compat)
2190 {
2191 	struct MPT3SAS_ADAPTER *ioc;
2192 	struct mpt3_ioctl_header ioctl_header;
2193 	enum block_state state;
2194 	long ret = -EINVAL;
2195 
2196 	/* get IOCTL header */
2197 	if (copy_from_user(&ioctl_header, (char __user *)arg,
2198 	    sizeof(struct mpt3_ioctl_header))) {
2199 		pr_err("failure at %s:%d/%s()!\n",
2200 		    __FILE__, __LINE__, __func__);
2201 		return -EFAULT;
2202 	}
2203 
2204 	if (_ctl_verify_adapter(ioctl_header.ioc_number, &ioc) == -1 || !ioc)
2205 		return -ENODEV;
2206 
2207 	if (ioc->shost_recovery || ioc->pci_error_recovery ||
2208 	    ioc->is_driver_loading)
2209 		return -EAGAIN;
2210 
2211 	state = (file->f_flags & O_NONBLOCK) ? NON_BLOCKING : BLOCKING;
2212 	if (state == NON_BLOCKING) {
2213 		if (!mutex_trylock(&ioc->ctl_cmds.mutex))
2214 			return -EAGAIN;
2215 	} else if (mutex_lock_interruptible(&ioc->ctl_cmds.mutex))
2216 		return -ERESTARTSYS;
2217 
2218 
2219 	switch (cmd) {
2220 	case MPT3IOCINFO:
2221 		if (_IOC_SIZE(cmd) == sizeof(struct mpt3_ioctl_iocinfo))
2222 			ret = _ctl_getiocinfo(ioc, arg);
2223 		break;
2224 #ifdef CONFIG_COMPAT
2225 	case MPT3COMMAND32:
2226 #endif
2227 	case MPT3COMMAND:
2228 	{
2229 		struct mpt3_ioctl_command __user *uarg;
2230 		struct mpt3_ioctl_command karg;
2231 
2232 #ifdef CONFIG_COMPAT
2233 		if (compat) {
2234 			ret = _ctl_compat_mpt_command(ioc, cmd, arg);
2235 			break;
2236 		}
2237 #endif
2238 		if (copy_from_user(&karg, arg, sizeof(karg))) {
2239 			pr_err("failure at %s:%d/%s()!\n",
2240 			    __FILE__, __LINE__, __func__);
2241 			ret = -EFAULT;
2242 			break;
2243 		}
2244 
2245 		if (_IOC_SIZE(cmd) == sizeof(struct mpt3_ioctl_command)) {
2246 			uarg = arg;
2247 			ret = _ctl_do_mpt_command(ioc, karg, &uarg->mf);
2248 		}
2249 		break;
2250 	}
2251 	case MPT3EVENTQUERY:
2252 		if (_IOC_SIZE(cmd) == sizeof(struct mpt3_ioctl_eventquery))
2253 			ret = _ctl_eventquery(ioc, arg);
2254 		break;
2255 	case MPT3EVENTENABLE:
2256 		if (_IOC_SIZE(cmd) == sizeof(struct mpt3_ioctl_eventenable))
2257 			ret = _ctl_eventenable(ioc, arg);
2258 		break;
2259 	case MPT3EVENTREPORT:
2260 		ret = _ctl_eventreport(ioc, arg);
2261 		break;
2262 	case MPT3HARDRESET:
2263 		if (_IOC_SIZE(cmd) == sizeof(struct mpt3_ioctl_diag_reset))
2264 			ret = _ctl_do_reset(ioc, arg);
2265 		break;
2266 	case MPT3BTDHMAPPING:
2267 		if (_IOC_SIZE(cmd) == sizeof(struct mpt3_ioctl_btdh_mapping))
2268 			ret = _ctl_btdh_mapping(ioc, arg);
2269 		break;
2270 	case MPT3DIAGREGISTER:
2271 		if (_IOC_SIZE(cmd) == sizeof(struct mpt3_diag_register))
2272 			ret = _ctl_diag_register(ioc, arg);
2273 		break;
2274 	case MPT3DIAGUNREGISTER:
2275 		if (_IOC_SIZE(cmd) == sizeof(struct mpt3_diag_unregister))
2276 			ret = _ctl_diag_unregister(ioc, arg);
2277 		break;
2278 	case MPT3DIAGQUERY:
2279 		if (_IOC_SIZE(cmd) == sizeof(struct mpt3_diag_query))
2280 			ret = _ctl_diag_query(ioc, arg);
2281 		break;
2282 	case MPT3DIAGRELEASE:
2283 		if (_IOC_SIZE(cmd) == sizeof(struct mpt3_diag_release))
2284 			ret = _ctl_diag_release(ioc, arg);
2285 		break;
2286 	case MPT3DIAGREADBUFFER:
2287 		if (_IOC_SIZE(cmd) == sizeof(struct mpt3_diag_read_buffer))
2288 			ret = _ctl_diag_read_buffer(ioc, arg);
2289 		break;
2290 	default:
2291 		dctlprintk(ioc, pr_info(MPT3SAS_FMT
2292 		    "unsupported ioctl opcode(0x%08x)\n", ioc->name, cmd));
2293 		break;
2294 	}
2295 
2296 	mutex_unlock(&ioc->ctl_cmds.mutex);
2297 	return ret;
2298 }
2299 
2300 /**
2301  * _ctl_ioctl - main ioctl entry point (unlocked)
2302  * @file - (struct file)
2303  * @cmd - ioctl opcode
2304  * @arg -
2305  */
2306 static long
2307 _ctl_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
2308 {
2309 	long ret;
2310 
2311 	ret = _ctl_ioctl_main(file, cmd, (void __user *)arg, 0);
2312 	return ret;
2313 }
2314 
2315 #ifdef CONFIG_COMPAT
2316 /**
2317  * _ctl_ioctl_compat - main ioctl entry point (compat)
2318  * @file -
2319  * @cmd -
2320  * @arg -
2321  *
2322  * This routine handles 32 bit applications in 64bit os.
2323  */
2324 static long
2325 _ctl_ioctl_compat(struct file *file, unsigned cmd, unsigned long arg)
2326 {
2327 	long ret;
2328 
2329 	ret = _ctl_ioctl_main(file, cmd, (void __user *)arg, 1);
2330 	return ret;
2331 }
2332 #endif
2333 
2334 /* scsi host attributes */
2335 /**
2336  * _ctl_version_fw_show - firmware version
2337  * @cdev - pointer to embedded class device
2338  * @buf - the buffer returned
2339  *
2340  * A sysfs 'read-only' shost attribute.
2341  */
2342 static ssize_t
2343 _ctl_version_fw_show(struct device *cdev, struct device_attribute *attr,
2344 	char *buf)
2345 {
2346 	struct Scsi_Host *shost = class_to_shost(cdev);
2347 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2348 
2349 	return snprintf(buf, PAGE_SIZE, "%02d.%02d.%02d.%02d\n",
2350 	    (ioc->facts.FWVersion.Word & 0xFF000000) >> 24,
2351 	    (ioc->facts.FWVersion.Word & 0x00FF0000) >> 16,
2352 	    (ioc->facts.FWVersion.Word & 0x0000FF00) >> 8,
2353 	    ioc->facts.FWVersion.Word & 0x000000FF);
2354 }
2355 static DEVICE_ATTR(version_fw, S_IRUGO, _ctl_version_fw_show, NULL);
2356 
2357 /**
2358  * _ctl_version_bios_show - bios version
2359  * @cdev - pointer to embedded class device
2360  * @buf - the buffer returned
2361  *
2362  * A sysfs 'read-only' shost attribute.
2363  */
2364 static ssize_t
2365 _ctl_version_bios_show(struct device *cdev, struct device_attribute *attr,
2366 	char *buf)
2367 {
2368 	struct Scsi_Host *shost = class_to_shost(cdev);
2369 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2370 
2371 	u32 version = le32_to_cpu(ioc->bios_pg3.BiosVersion);
2372 
2373 	return snprintf(buf, PAGE_SIZE, "%02d.%02d.%02d.%02d\n",
2374 	    (version & 0xFF000000) >> 24,
2375 	    (version & 0x00FF0000) >> 16,
2376 	    (version & 0x0000FF00) >> 8,
2377 	    version & 0x000000FF);
2378 }
2379 static DEVICE_ATTR(version_bios, S_IRUGO, _ctl_version_bios_show, NULL);
2380 
2381 /**
2382  * _ctl_version_mpi_show - MPI (message passing interface) version
2383  * @cdev - pointer to embedded class device
2384  * @buf - the buffer returned
2385  *
2386  * A sysfs 'read-only' shost attribute.
2387  */
2388 static ssize_t
2389 _ctl_version_mpi_show(struct device *cdev, struct device_attribute *attr,
2390 	char *buf)
2391 {
2392 	struct Scsi_Host *shost = class_to_shost(cdev);
2393 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2394 
2395 	return snprintf(buf, PAGE_SIZE, "%03x.%02x\n",
2396 	    ioc->facts.MsgVersion, ioc->facts.HeaderVersion >> 8);
2397 }
2398 static DEVICE_ATTR(version_mpi, S_IRUGO, _ctl_version_mpi_show, NULL);
2399 
2400 /**
2401  * _ctl_version_product_show - product name
2402  * @cdev - pointer to embedded class device
2403  * @buf - the buffer returned
2404  *
2405  * A sysfs 'read-only' shost attribute.
2406  */
2407 static ssize_t
2408 _ctl_version_product_show(struct device *cdev, struct device_attribute *attr,
2409 	char *buf)
2410 {
2411 	struct Scsi_Host *shost = class_to_shost(cdev);
2412 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2413 
2414 	return snprintf(buf, 16, "%s\n", ioc->manu_pg0.ChipName);
2415 }
2416 static DEVICE_ATTR(version_product, S_IRUGO, _ctl_version_product_show, NULL);
2417 
2418 /**
2419  * _ctl_version_nvdata_persistent_show - ndvata persistent version
2420  * @cdev - pointer to embedded class device
2421  * @buf - the buffer returned
2422  *
2423  * A sysfs 'read-only' shost attribute.
2424  */
2425 static ssize_t
2426 _ctl_version_nvdata_persistent_show(struct device *cdev,
2427 	struct device_attribute *attr, char *buf)
2428 {
2429 	struct Scsi_Host *shost = class_to_shost(cdev);
2430 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2431 
2432 	return snprintf(buf, PAGE_SIZE, "%08xh\n",
2433 	    le32_to_cpu(ioc->iounit_pg0.NvdataVersionPersistent.Word));
2434 }
2435 static DEVICE_ATTR(version_nvdata_persistent, S_IRUGO,
2436 	_ctl_version_nvdata_persistent_show, NULL);
2437 
2438 /**
2439  * _ctl_version_nvdata_default_show - nvdata default version
2440  * @cdev - pointer to embedded class device
2441  * @buf - the buffer returned
2442  *
2443  * A sysfs 'read-only' shost attribute.
2444  */
2445 static ssize_t
2446 _ctl_version_nvdata_default_show(struct device *cdev, struct device_attribute
2447 	*attr, char *buf)
2448 {
2449 	struct Scsi_Host *shost = class_to_shost(cdev);
2450 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2451 
2452 	return snprintf(buf, PAGE_SIZE, "%08xh\n",
2453 	    le32_to_cpu(ioc->iounit_pg0.NvdataVersionDefault.Word));
2454 }
2455 static DEVICE_ATTR(version_nvdata_default, S_IRUGO,
2456 	_ctl_version_nvdata_default_show, NULL);
2457 
2458 /**
2459  * _ctl_board_name_show - board name
2460  * @cdev - pointer to embedded class device
2461  * @buf - the buffer returned
2462  *
2463  * A sysfs 'read-only' shost attribute.
2464  */
2465 static ssize_t
2466 _ctl_board_name_show(struct device *cdev, struct device_attribute *attr,
2467 	char *buf)
2468 {
2469 	struct Scsi_Host *shost = class_to_shost(cdev);
2470 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2471 
2472 	return snprintf(buf, 16, "%s\n", ioc->manu_pg0.BoardName);
2473 }
2474 static DEVICE_ATTR(board_name, S_IRUGO, _ctl_board_name_show, NULL);
2475 
2476 /**
2477  * _ctl_board_assembly_show - board assembly name
2478  * @cdev - pointer to embedded class device
2479  * @buf - the buffer returned
2480  *
2481  * A sysfs 'read-only' shost attribute.
2482  */
2483 static ssize_t
2484 _ctl_board_assembly_show(struct device *cdev, struct device_attribute *attr,
2485 	char *buf)
2486 {
2487 	struct Scsi_Host *shost = class_to_shost(cdev);
2488 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2489 
2490 	return snprintf(buf, 16, "%s\n", ioc->manu_pg0.BoardAssembly);
2491 }
2492 static DEVICE_ATTR(board_assembly, S_IRUGO, _ctl_board_assembly_show, NULL);
2493 
2494 /**
2495  * _ctl_board_tracer_show - board tracer number
2496  * @cdev - pointer to embedded class device
2497  * @buf - the buffer returned
2498  *
2499  * A sysfs 'read-only' shost attribute.
2500  */
2501 static ssize_t
2502 _ctl_board_tracer_show(struct device *cdev, struct device_attribute *attr,
2503 	char *buf)
2504 {
2505 	struct Scsi_Host *shost = class_to_shost(cdev);
2506 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2507 
2508 	return snprintf(buf, 16, "%s\n", ioc->manu_pg0.BoardTracerNumber);
2509 }
2510 static DEVICE_ATTR(board_tracer, S_IRUGO, _ctl_board_tracer_show, NULL);
2511 
2512 /**
2513  * _ctl_io_delay_show - io missing delay
2514  * @cdev - pointer to embedded class device
2515  * @buf - the buffer returned
2516  *
2517  * This is for firmware implemention for deboucing device
2518  * removal events.
2519  *
2520  * A sysfs 'read-only' shost attribute.
2521  */
2522 static ssize_t
2523 _ctl_io_delay_show(struct device *cdev, struct device_attribute *attr,
2524 	char *buf)
2525 {
2526 	struct Scsi_Host *shost = class_to_shost(cdev);
2527 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2528 
2529 	return snprintf(buf, PAGE_SIZE, "%02d\n", ioc->io_missing_delay);
2530 }
2531 static DEVICE_ATTR(io_delay, S_IRUGO, _ctl_io_delay_show, NULL);
2532 
2533 /**
2534  * _ctl_device_delay_show - device missing delay
2535  * @cdev - pointer to embedded class device
2536  * @buf - the buffer returned
2537  *
2538  * This is for firmware implemention for deboucing device
2539  * removal events.
2540  *
2541  * A sysfs 'read-only' shost attribute.
2542  */
2543 static ssize_t
2544 _ctl_device_delay_show(struct device *cdev, struct device_attribute *attr,
2545 	char *buf)
2546 {
2547 	struct Scsi_Host *shost = class_to_shost(cdev);
2548 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2549 
2550 	return snprintf(buf, PAGE_SIZE, "%02d\n", ioc->device_missing_delay);
2551 }
2552 static DEVICE_ATTR(device_delay, S_IRUGO, _ctl_device_delay_show, NULL);
2553 
2554 /**
2555  * _ctl_fw_queue_depth_show - global credits
2556  * @cdev - pointer to embedded class device
2557  * @buf - the buffer returned
2558  *
2559  * This is firmware queue depth limit
2560  *
2561  * A sysfs 'read-only' shost attribute.
2562  */
2563 static ssize_t
2564 _ctl_fw_queue_depth_show(struct device *cdev, struct device_attribute *attr,
2565 	char *buf)
2566 {
2567 	struct Scsi_Host *shost = class_to_shost(cdev);
2568 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2569 
2570 	return snprintf(buf, PAGE_SIZE, "%02d\n", ioc->facts.RequestCredit);
2571 }
2572 static DEVICE_ATTR(fw_queue_depth, S_IRUGO, _ctl_fw_queue_depth_show, NULL);
2573 
2574 /**
2575  * _ctl_sas_address_show - sas address
2576  * @cdev - pointer to embedded class device
2577  * @buf - the buffer returned
2578  *
2579  * This is the controller sas address
2580  *
2581  * A sysfs 'read-only' shost attribute.
2582  */
2583 static ssize_t
2584 _ctl_host_sas_address_show(struct device *cdev, struct device_attribute *attr,
2585 	char *buf)
2586 
2587 {
2588 	struct Scsi_Host *shost = class_to_shost(cdev);
2589 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2590 
2591 	return snprintf(buf, PAGE_SIZE, "0x%016llx\n",
2592 	    (unsigned long long)ioc->sas_hba.sas_address);
2593 }
2594 static DEVICE_ATTR(host_sas_address, S_IRUGO,
2595 	_ctl_host_sas_address_show, NULL);
2596 
2597 /**
2598  * _ctl_logging_level_show - logging level
2599  * @cdev - pointer to embedded class device
2600  * @buf - the buffer returned
2601  *
2602  * A sysfs 'read/write' shost attribute.
2603  */
2604 static ssize_t
2605 _ctl_logging_level_show(struct device *cdev, struct device_attribute *attr,
2606 	char *buf)
2607 {
2608 	struct Scsi_Host *shost = class_to_shost(cdev);
2609 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2610 
2611 	return snprintf(buf, PAGE_SIZE, "%08xh\n", ioc->logging_level);
2612 }
2613 static ssize_t
2614 _ctl_logging_level_store(struct device *cdev, struct device_attribute *attr,
2615 	const char *buf, size_t count)
2616 {
2617 	struct Scsi_Host *shost = class_to_shost(cdev);
2618 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2619 	int val = 0;
2620 
2621 	if (sscanf(buf, "%x", &val) != 1)
2622 		return -EINVAL;
2623 
2624 	ioc->logging_level = val;
2625 	pr_info(MPT3SAS_FMT "logging_level=%08xh\n", ioc->name,
2626 	    ioc->logging_level);
2627 	return strlen(buf);
2628 }
2629 static DEVICE_ATTR(logging_level, S_IRUGO | S_IWUSR, _ctl_logging_level_show,
2630 	_ctl_logging_level_store);
2631 
2632 /**
2633  * _ctl_fwfault_debug_show - show/store fwfault_debug
2634  * @cdev - pointer to embedded class device
2635  * @buf - the buffer returned
2636  *
2637  * mpt3sas_fwfault_debug is command line option
2638  * A sysfs 'read/write' shost attribute.
2639  */
2640 static ssize_t
2641 _ctl_fwfault_debug_show(struct device *cdev, struct device_attribute *attr,
2642 	char *buf)
2643 {
2644 	struct Scsi_Host *shost = class_to_shost(cdev);
2645 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2646 
2647 	return snprintf(buf, PAGE_SIZE, "%d\n", ioc->fwfault_debug);
2648 }
2649 static ssize_t
2650 _ctl_fwfault_debug_store(struct device *cdev, struct device_attribute *attr,
2651 	const char *buf, size_t count)
2652 {
2653 	struct Scsi_Host *shost = class_to_shost(cdev);
2654 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2655 	int val = 0;
2656 
2657 	if (sscanf(buf, "%d", &val) != 1)
2658 		return -EINVAL;
2659 
2660 	ioc->fwfault_debug = val;
2661 	pr_info(MPT3SAS_FMT "fwfault_debug=%d\n", ioc->name,
2662 	    ioc->fwfault_debug);
2663 	return strlen(buf);
2664 }
2665 static DEVICE_ATTR(fwfault_debug, S_IRUGO | S_IWUSR,
2666 	_ctl_fwfault_debug_show, _ctl_fwfault_debug_store);
2667 
2668 /**
2669  * _ctl_ioc_reset_count_show - ioc reset count
2670  * @cdev - pointer to embedded class device
2671  * @buf - the buffer returned
2672  *
2673  * This is firmware queue depth limit
2674  *
2675  * A sysfs 'read-only' shost attribute.
2676  */
2677 static ssize_t
2678 _ctl_ioc_reset_count_show(struct device *cdev, struct device_attribute *attr,
2679 	char *buf)
2680 {
2681 	struct Scsi_Host *shost = class_to_shost(cdev);
2682 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2683 
2684 	return snprintf(buf, PAGE_SIZE, "%d\n", ioc->ioc_reset_count);
2685 }
2686 static DEVICE_ATTR(ioc_reset_count, S_IRUGO, _ctl_ioc_reset_count_show, NULL);
2687 
2688 /**
2689  * _ctl_ioc_reply_queue_count_show - number of reply queues
2690  * @cdev - pointer to embedded class device
2691  * @buf - the buffer returned
2692  *
2693  * This is number of reply queues
2694  *
2695  * A sysfs 'read-only' shost attribute.
2696  */
2697 static ssize_t
2698 _ctl_ioc_reply_queue_count_show(struct device *cdev,
2699 	struct device_attribute *attr, char *buf)
2700 {
2701 	u8 reply_queue_count;
2702 	struct Scsi_Host *shost = class_to_shost(cdev);
2703 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2704 
2705 	if ((ioc->facts.IOCCapabilities &
2706 	    MPI2_IOCFACTS_CAPABILITY_MSI_X_INDEX) && ioc->msix_enable)
2707 		reply_queue_count = ioc->reply_queue_count;
2708 	else
2709 		reply_queue_count = 1;
2710 
2711 	return snprintf(buf, PAGE_SIZE, "%d\n", reply_queue_count);
2712 }
2713 static DEVICE_ATTR(reply_queue_count, S_IRUGO, _ctl_ioc_reply_queue_count_show,
2714 	NULL);
2715 
2716 struct DIAG_BUFFER_START {
2717 	__le32	Size;
2718 	__le32	DiagVersion;
2719 	u8	BufferType;
2720 	u8	Reserved[3];
2721 	__le32	Reserved1;
2722 	__le32	Reserved2;
2723 	__le32	Reserved3;
2724 };
2725 
2726 /**
2727  * _ctl_host_trace_buffer_size_show - host buffer size (trace only)
2728  * @cdev - pointer to embedded class device
2729  * @buf - the buffer returned
2730  *
2731  * A sysfs 'read-only' shost attribute.
2732  */
2733 static ssize_t
2734 _ctl_host_trace_buffer_size_show(struct device *cdev,
2735 	struct device_attribute *attr, char *buf)
2736 {
2737 	struct Scsi_Host *shost = class_to_shost(cdev);
2738 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2739 	u32 size = 0;
2740 	struct DIAG_BUFFER_START *request_data;
2741 
2742 	if (!ioc->diag_buffer[MPI2_DIAG_BUF_TYPE_TRACE]) {
2743 		pr_err(MPT3SAS_FMT
2744 			"%s: host_trace_buffer is not registered\n",
2745 			ioc->name, __func__);
2746 		return 0;
2747 	}
2748 
2749 	if ((ioc->diag_buffer_status[MPI2_DIAG_BUF_TYPE_TRACE] &
2750 	    MPT3_DIAG_BUFFER_IS_REGISTERED) == 0) {
2751 		pr_err(MPT3SAS_FMT
2752 			"%s: host_trace_buffer is not registered\n",
2753 			ioc->name, __func__);
2754 		return 0;
2755 	}
2756 
2757 	request_data = (struct DIAG_BUFFER_START *)
2758 	    ioc->diag_buffer[MPI2_DIAG_BUF_TYPE_TRACE];
2759 	if ((le32_to_cpu(request_data->DiagVersion) == 0x00000000 ||
2760 	    le32_to_cpu(request_data->DiagVersion) == 0x01000000 ||
2761 	    le32_to_cpu(request_data->DiagVersion) == 0x01010000) &&
2762 	    le32_to_cpu(request_data->Reserved3) == 0x4742444c)
2763 		size = le32_to_cpu(request_data->Size);
2764 
2765 	ioc->ring_buffer_sz = size;
2766 	return snprintf(buf, PAGE_SIZE, "%d\n", size);
2767 }
2768 static DEVICE_ATTR(host_trace_buffer_size, S_IRUGO,
2769 	_ctl_host_trace_buffer_size_show, NULL);
2770 
2771 /**
2772  * _ctl_host_trace_buffer_show - firmware ring buffer (trace only)
2773  * @cdev - pointer to embedded class device
2774  * @buf - the buffer returned
2775  *
2776  * A sysfs 'read/write' shost attribute.
2777  *
2778  * You will only be able to read 4k bytes of ring buffer at a time.
2779  * In order to read beyond 4k bytes, you will have to write out the
2780  * offset to the same attribute, it will move the pointer.
2781  */
2782 static ssize_t
2783 _ctl_host_trace_buffer_show(struct device *cdev, struct device_attribute *attr,
2784 	char *buf)
2785 {
2786 	struct Scsi_Host *shost = class_to_shost(cdev);
2787 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2788 	void *request_data;
2789 	u32 size;
2790 
2791 	if (!ioc->diag_buffer[MPI2_DIAG_BUF_TYPE_TRACE]) {
2792 		pr_err(MPT3SAS_FMT
2793 			"%s: host_trace_buffer is not registered\n",
2794 			ioc->name, __func__);
2795 		return 0;
2796 	}
2797 
2798 	if ((ioc->diag_buffer_status[MPI2_DIAG_BUF_TYPE_TRACE] &
2799 	    MPT3_DIAG_BUFFER_IS_REGISTERED) == 0) {
2800 		pr_err(MPT3SAS_FMT
2801 			"%s: host_trace_buffer is not registered\n",
2802 			ioc->name, __func__);
2803 		return 0;
2804 	}
2805 
2806 	if (ioc->ring_buffer_offset > ioc->ring_buffer_sz)
2807 		return 0;
2808 
2809 	size = ioc->ring_buffer_sz - ioc->ring_buffer_offset;
2810 	size = (size >= PAGE_SIZE) ? (PAGE_SIZE - 1) : size;
2811 	request_data = ioc->diag_buffer[0] + ioc->ring_buffer_offset;
2812 	memcpy(buf, request_data, size);
2813 	return size;
2814 }
2815 
2816 static ssize_t
2817 _ctl_host_trace_buffer_store(struct device *cdev, struct device_attribute *attr,
2818 	const char *buf, size_t count)
2819 {
2820 	struct Scsi_Host *shost = class_to_shost(cdev);
2821 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2822 	int val = 0;
2823 
2824 	if (sscanf(buf, "%d", &val) != 1)
2825 		return -EINVAL;
2826 
2827 	ioc->ring_buffer_offset = val;
2828 	return strlen(buf);
2829 }
2830 static DEVICE_ATTR(host_trace_buffer, S_IRUGO | S_IWUSR,
2831 	_ctl_host_trace_buffer_show, _ctl_host_trace_buffer_store);
2832 
2833 
2834 /*****************************************/
2835 
2836 /**
2837  * _ctl_host_trace_buffer_enable_show - firmware ring buffer (trace only)
2838  * @cdev - pointer to embedded class device
2839  * @buf - the buffer returned
2840  *
2841  * A sysfs 'read/write' shost attribute.
2842  *
2843  * This is a mechnism to post/release host_trace_buffers
2844  */
2845 static ssize_t
2846 _ctl_host_trace_buffer_enable_show(struct device *cdev,
2847 	struct device_attribute *attr, char *buf)
2848 {
2849 	struct Scsi_Host *shost = class_to_shost(cdev);
2850 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2851 
2852 	if ((!ioc->diag_buffer[MPI2_DIAG_BUF_TYPE_TRACE]) ||
2853 	   ((ioc->diag_buffer_status[MPI2_DIAG_BUF_TYPE_TRACE] &
2854 	    MPT3_DIAG_BUFFER_IS_REGISTERED) == 0))
2855 		return snprintf(buf, PAGE_SIZE, "off\n");
2856 	else if ((ioc->diag_buffer_status[MPI2_DIAG_BUF_TYPE_TRACE] &
2857 	    MPT3_DIAG_BUFFER_IS_RELEASED))
2858 		return snprintf(buf, PAGE_SIZE, "release\n");
2859 	else
2860 		return snprintf(buf, PAGE_SIZE, "post\n");
2861 }
2862 
2863 static ssize_t
2864 _ctl_host_trace_buffer_enable_store(struct device *cdev,
2865 	struct device_attribute *attr, const char *buf, size_t count)
2866 {
2867 	struct Scsi_Host *shost = class_to_shost(cdev);
2868 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2869 	char str[10] = "";
2870 	struct mpt3_diag_register diag_register;
2871 	u8 issue_reset = 0;
2872 
2873 	/* don't allow post/release occurr while recovery is active */
2874 	if (ioc->shost_recovery || ioc->remove_host ||
2875 	    ioc->pci_error_recovery || ioc->is_driver_loading)
2876 		return -EBUSY;
2877 
2878 	if (sscanf(buf, "%9s", str) != 1)
2879 		return -EINVAL;
2880 
2881 	if (!strcmp(str, "post")) {
2882 		/* exit out if host buffers are already posted */
2883 		if ((ioc->diag_buffer[MPI2_DIAG_BUF_TYPE_TRACE]) &&
2884 		    (ioc->diag_buffer_status[MPI2_DIAG_BUF_TYPE_TRACE] &
2885 		    MPT3_DIAG_BUFFER_IS_REGISTERED) &&
2886 		    ((ioc->diag_buffer_status[MPI2_DIAG_BUF_TYPE_TRACE] &
2887 		    MPT3_DIAG_BUFFER_IS_RELEASED) == 0))
2888 			goto out;
2889 		memset(&diag_register, 0, sizeof(struct mpt3_diag_register));
2890 		pr_info(MPT3SAS_FMT "posting host trace buffers\n",
2891 		    ioc->name);
2892 		diag_register.buffer_type = MPI2_DIAG_BUF_TYPE_TRACE;
2893 		diag_register.requested_buffer_size = (1024 * 1024);
2894 		diag_register.unique_id = 0x7075900;
2895 		ioc->diag_buffer_status[MPI2_DIAG_BUF_TYPE_TRACE] = 0;
2896 		_ctl_diag_register_2(ioc,  &diag_register);
2897 	} else if (!strcmp(str, "release")) {
2898 		/* exit out if host buffers are already released */
2899 		if (!ioc->diag_buffer[MPI2_DIAG_BUF_TYPE_TRACE])
2900 			goto out;
2901 		if ((ioc->diag_buffer_status[MPI2_DIAG_BUF_TYPE_TRACE] &
2902 		    MPT3_DIAG_BUFFER_IS_REGISTERED) == 0)
2903 			goto out;
2904 		if ((ioc->diag_buffer_status[MPI2_DIAG_BUF_TYPE_TRACE] &
2905 		    MPT3_DIAG_BUFFER_IS_RELEASED))
2906 			goto out;
2907 		pr_info(MPT3SAS_FMT "releasing host trace buffer\n",
2908 		    ioc->name);
2909 		mpt3sas_send_diag_release(ioc, MPI2_DIAG_BUF_TYPE_TRACE,
2910 		    &issue_reset);
2911 	}
2912 
2913  out:
2914 	return strlen(buf);
2915 }
2916 static DEVICE_ATTR(host_trace_buffer_enable, S_IRUGO | S_IWUSR,
2917 	_ctl_host_trace_buffer_enable_show,
2918 	_ctl_host_trace_buffer_enable_store);
2919 
2920 /*********** diagnostic trigger suppport *********************************/
2921 
2922 /**
2923  * _ctl_diag_trigger_master_show - show the diag_trigger_master attribute
2924  * @cdev - pointer to embedded class device
2925  * @buf - the buffer returned
2926  *
2927  * A sysfs 'read/write' shost attribute.
2928  */
2929 static ssize_t
2930 _ctl_diag_trigger_master_show(struct device *cdev,
2931 	struct device_attribute *attr, char *buf)
2932 
2933 {
2934 	struct Scsi_Host *shost = class_to_shost(cdev);
2935 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2936 	unsigned long flags;
2937 	ssize_t rc;
2938 
2939 	spin_lock_irqsave(&ioc->diag_trigger_lock, flags);
2940 	rc = sizeof(struct SL_WH_MASTER_TRIGGER_T);
2941 	memcpy(buf, &ioc->diag_trigger_master, rc);
2942 	spin_unlock_irqrestore(&ioc->diag_trigger_lock, flags);
2943 	return rc;
2944 }
2945 
2946 /**
2947  * _ctl_diag_trigger_master_store - store the diag_trigger_master attribute
2948  * @cdev - pointer to embedded class device
2949  * @buf - the buffer returned
2950  *
2951  * A sysfs 'read/write' shost attribute.
2952  */
2953 static ssize_t
2954 _ctl_diag_trigger_master_store(struct device *cdev,
2955 	struct device_attribute *attr, const char *buf, size_t count)
2956 
2957 {
2958 	struct Scsi_Host *shost = class_to_shost(cdev);
2959 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2960 	unsigned long flags;
2961 	ssize_t rc;
2962 
2963 	spin_lock_irqsave(&ioc->diag_trigger_lock, flags);
2964 	rc = min(sizeof(struct SL_WH_MASTER_TRIGGER_T), count);
2965 	memset(&ioc->diag_trigger_master, 0,
2966 	    sizeof(struct SL_WH_MASTER_TRIGGER_T));
2967 	memcpy(&ioc->diag_trigger_master, buf, rc);
2968 	ioc->diag_trigger_master.MasterData |=
2969 	    (MASTER_TRIGGER_FW_FAULT + MASTER_TRIGGER_ADAPTER_RESET);
2970 	spin_unlock_irqrestore(&ioc->diag_trigger_lock, flags);
2971 	return rc;
2972 }
2973 static DEVICE_ATTR(diag_trigger_master, S_IRUGO | S_IWUSR,
2974 	_ctl_diag_trigger_master_show, _ctl_diag_trigger_master_store);
2975 
2976 
2977 /**
2978  * _ctl_diag_trigger_event_show - show the diag_trigger_event attribute
2979  * @cdev - pointer to embedded class device
2980  * @buf - the buffer returned
2981  *
2982  * A sysfs 'read/write' shost attribute.
2983  */
2984 static ssize_t
2985 _ctl_diag_trigger_event_show(struct device *cdev,
2986 	struct device_attribute *attr, char *buf)
2987 {
2988 	struct Scsi_Host *shost = class_to_shost(cdev);
2989 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2990 	unsigned long flags;
2991 	ssize_t rc;
2992 
2993 	spin_lock_irqsave(&ioc->diag_trigger_lock, flags);
2994 	rc = sizeof(struct SL_WH_EVENT_TRIGGERS_T);
2995 	memcpy(buf, &ioc->diag_trigger_event, rc);
2996 	spin_unlock_irqrestore(&ioc->diag_trigger_lock, flags);
2997 	return rc;
2998 }
2999 
3000 /**
3001  * _ctl_diag_trigger_event_store - store the diag_trigger_event attribute
3002  * @cdev - pointer to embedded class device
3003  * @buf - the buffer returned
3004  *
3005  * A sysfs 'read/write' shost attribute.
3006  */
3007 static ssize_t
3008 _ctl_diag_trigger_event_store(struct device *cdev,
3009 	struct device_attribute *attr, const char *buf, size_t count)
3010 
3011 {
3012 	struct Scsi_Host *shost = class_to_shost(cdev);
3013 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
3014 	unsigned long flags;
3015 	ssize_t sz;
3016 
3017 	spin_lock_irqsave(&ioc->diag_trigger_lock, flags);
3018 	sz = min(sizeof(struct SL_WH_EVENT_TRIGGERS_T), count);
3019 	memset(&ioc->diag_trigger_event, 0,
3020 	    sizeof(struct SL_WH_EVENT_TRIGGERS_T));
3021 	memcpy(&ioc->diag_trigger_event, buf, sz);
3022 	if (ioc->diag_trigger_event.ValidEntries > NUM_VALID_ENTRIES)
3023 		ioc->diag_trigger_event.ValidEntries = NUM_VALID_ENTRIES;
3024 	spin_unlock_irqrestore(&ioc->diag_trigger_lock, flags);
3025 	return sz;
3026 }
3027 static DEVICE_ATTR(diag_trigger_event, S_IRUGO | S_IWUSR,
3028 	_ctl_diag_trigger_event_show, _ctl_diag_trigger_event_store);
3029 
3030 
3031 /**
3032  * _ctl_diag_trigger_scsi_show - show the diag_trigger_scsi attribute
3033  * @cdev - pointer to embedded class device
3034  * @buf - the buffer returned
3035  *
3036  * A sysfs 'read/write' shost attribute.
3037  */
3038 static ssize_t
3039 _ctl_diag_trigger_scsi_show(struct device *cdev,
3040 	struct device_attribute *attr, char *buf)
3041 {
3042 	struct Scsi_Host *shost = class_to_shost(cdev);
3043 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
3044 	unsigned long flags;
3045 	ssize_t rc;
3046 
3047 	spin_lock_irqsave(&ioc->diag_trigger_lock, flags);
3048 	rc = sizeof(struct SL_WH_SCSI_TRIGGERS_T);
3049 	memcpy(buf, &ioc->diag_trigger_scsi, rc);
3050 	spin_unlock_irqrestore(&ioc->diag_trigger_lock, flags);
3051 	return rc;
3052 }
3053 
3054 /**
3055  * _ctl_diag_trigger_scsi_store - store the diag_trigger_scsi attribute
3056  * @cdev - pointer to embedded class device
3057  * @buf - the buffer returned
3058  *
3059  * A sysfs 'read/write' shost attribute.
3060  */
3061 static ssize_t
3062 _ctl_diag_trigger_scsi_store(struct device *cdev,
3063 	struct device_attribute *attr, const char *buf, size_t count)
3064 {
3065 	struct Scsi_Host *shost = class_to_shost(cdev);
3066 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
3067 	unsigned long flags;
3068 	ssize_t sz;
3069 
3070 	spin_lock_irqsave(&ioc->diag_trigger_lock, flags);
3071 	sz = min(sizeof(struct SL_WH_SCSI_TRIGGERS_T), count);
3072 	memset(&ioc->diag_trigger_scsi, 0,
3073 	    sizeof(struct SL_WH_EVENT_TRIGGERS_T));
3074 	memcpy(&ioc->diag_trigger_scsi, buf, sz);
3075 	if (ioc->diag_trigger_scsi.ValidEntries > NUM_VALID_ENTRIES)
3076 		ioc->diag_trigger_scsi.ValidEntries = NUM_VALID_ENTRIES;
3077 	spin_unlock_irqrestore(&ioc->diag_trigger_lock, flags);
3078 	return sz;
3079 }
3080 static DEVICE_ATTR(diag_trigger_scsi, S_IRUGO | S_IWUSR,
3081 	_ctl_diag_trigger_scsi_show, _ctl_diag_trigger_scsi_store);
3082 
3083 
3084 /**
3085  * _ctl_diag_trigger_scsi_show - show the diag_trigger_mpi attribute
3086  * @cdev - pointer to embedded class device
3087  * @buf - the buffer returned
3088  *
3089  * A sysfs 'read/write' shost attribute.
3090  */
3091 static ssize_t
3092 _ctl_diag_trigger_mpi_show(struct device *cdev,
3093 	struct device_attribute *attr, char *buf)
3094 {
3095 	struct Scsi_Host *shost = class_to_shost(cdev);
3096 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
3097 	unsigned long flags;
3098 	ssize_t rc;
3099 
3100 	spin_lock_irqsave(&ioc->diag_trigger_lock, flags);
3101 	rc = sizeof(struct SL_WH_MPI_TRIGGERS_T);
3102 	memcpy(buf, &ioc->diag_trigger_mpi, rc);
3103 	spin_unlock_irqrestore(&ioc->diag_trigger_lock, flags);
3104 	return rc;
3105 }
3106 
3107 /**
3108  * _ctl_diag_trigger_mpi_store - store the diag_trigger_mpi attribute
3109  * @cdev - pointer to embedded class device
3110  * @buf - the buffer returned
3111  *
3112  * A sysfs 'read/write' shost attribute.
3113  */
3114 static ssize_t
3115 _ctl_diag_trigger_mpi_store(struct device *cdev,
3116 	struct device_attribute *attr, const char *buf, size_t count)
3117 {
3118 	struct Scsi_Host *shost = class_to_shost(cdev);
3119 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
3120 	unsigned long flags;
3121 	ssize_t sz;
3122 
3123 	spin_lock_irqsave(&ioc->diag_trigger_lock, flags);
3124 	sz = min(sizeof(struct SL_WH_MPI_TRIGGERS_T), count);
3125 	memset(&ioc->diag_trigger_mpi, 0,
3126 	    sizeof(ioc->diag_trigger_mpi));
3127 	memcpy(&ioc->diag_trigger_mpi, buf, sz);
3128 	if (ioc->diag_trigger_mpi.ValidEntries > NUM_VALID_ENTRIES)
3129 		ioc->diag_trigger_mpi.ValidEntries = NUM_VALID_ENTRIES;
3130 	spin_unlock_irqrestore(&ioc->diag_trigger_lock, flags);
3131 	return sz;
3132 }
3133 
3134 static DEVICE_ATTR(diag_trigger_mpi, S_IRUGO | S_IWUSR,
3135 	_ctl_diag_trigger_mpi_show, _ctl_diag_trigger_mpi_store);
3136 
3137 /*********** diagnostic trigger suppport *** END ****************************/
3138 
3139 
3140 
3141 /*****************************************/
3142 
3143 struct device_attribute *mpt3sas_host_attrs[] = {
3144 	&dev_attr_version_fw,
3145 	&dev_attr_version_bios,
3146 	&dev_attr_version_mpi,
3147 	&dev_attr_version_product,
3148 	&dev_attr_version_nvdata_persistent,
3149 	&dev_attr_version_nvdata_default,
3150 	&dev_attr_board_name,
3151 	&dev_attr_board_assembly,
3152 	&dev_attr_board_tracer,
3153 	&dev_attr_io_delay,
3154 	&dev_attr_device_delay,
3155 	&dev_attr_logging_level,
3156 	&dev_attr_fwfault_debug,
3157 	&dev_attr_fw_queue_depth,
3158 	&dev_attr_host_sas_address,
3159 	&dev_attr_ioc_reset_count,
3160 	&dev_attr_host_trace_buffer_size,
3161 	&dev_attr_host_trace_buffer,
3162 	&dev_attr_host_trace_buffer_enable,
3163 	&dev_attr_reply_queue_count,
3164 	&dev_attr_diag_trigger_master,
3165 	&dev_attr_diag_trigger_event,
3166 	&dev_attr_diag_trigger_scsi,
3167 	&dev_attr_diag_trigger_mpi,
3168 	NULL,
3169 };
3170 
3171 /* device attributes */
3172 
3173 /**
3174  * _ctl_device_sas_address_show - sas address
3175  * @cdev - pointer to embedded class device
3176  * @buf - the buffer returned
3177  *
3178  * This is the sas address for the target
3179  *
3180  * A sysfs 'read-only' shost attribute.
3181  */
3182 static ssize_t
3183 _ctl_device_sas_address_show(struct device *dev, struct device_attribute *attr,
3184 	char *buf)
3185 {
3186 	struct scsi_device *sdev = to_scsi_device(dev);
3187 	struct MPT3SAS_DEVICE *sas_device_priv_data = sdev->hostdata;
3188 
3189 	return snprintf(buf, PAGE_SIZE, "0x%016llx\n",
3190 	    (unsigned long long)sas_device_priv_data->sas_target->sas_address);
3191 }
3192 static DEVICE_ATTR(sas_address, S_IRUGO, _ctl_device_sas_address_show, NULL);
3193 
3194 /**
3195  * _ctl_device_handle_show - device handle
3196  * @cdev - pointer to embedded class device
3197  * @buf - the buffer returned
3198  *
3199  * This is the firmware assigned device handle
3200  *
3201  * A sysfs 'read-only' shost attribute.
3202  */
3203 static ssize_t
3204 _ctl_device_handle_show(struct device *dev, struct device_attribute *attr,
3205 	char *buf)
3206 {
3207 	struct scsi_device *sdev = to_scsi_device(dev);
3208 	struct MPT3SAS_DEVICE *sas_device_priv_data = sdev->hostdata;
3209 
3210 	return snprintf(buf, PAGE_SIZE, "0x%04x\n",
3211 	    sas_device_priv_data->sas_target->handle);
3212 }
3213 static DEVICE_ATTR(sas_device_handle, S_IRUGO, _ctl_device_handle_show, NULL);
3214 
3215 struct device_attribute *mpt3sas_dev_attrs[] = {
3216 	&dev_attr_sas_address,
3217 	&dev_attr_sas_device_handle,
3218 	NULL,
3219 };
3220 
3221 static const struct file_operations ctl_fops = {
3222 	.owner = THIS_MODULE,
3223 	.unlocked_ioctl = _ctl_ioctl,
3224 	.poll = _ctl_poll,
3225 	.fasync = _ctl_fasync,
3226 #ifdef CONFIG_COMPAT
3227 	.compat_ioctl = _ctl_ioctl_compat,
3228 #endif
3229 };
3230 
3231 static struct miscdevice ctl_dev = {
3232 	.minor  = MPT3SAS_MINOR,
3233 	.name   = MPT3SAS_DEV_NAME,
3234 	.fops   = &ctl_fops,
3235 };
3236 
3237 /**
3238  * mpt3sas_ctl_init - main entry point for ctl.
3239  *
3240  */
3241 void
3242 mpt3sas_ctl_init(void)
3243 {
3244 	async_queue = NULL;
3245 	if (misc_register(&ctl_dev) < 0)
3246 		pr_err("%s can't register misc device [minor=%d]\n",
3247 		    MPT3SAS_DRIVER_NAME, MPT3SAS_MINOR);
3248 
3249 	init_waitqueue_head(&ctl_poll_wait);
3250 }
3251 
3252 /**
3253  * mpt3sas_ctl_exit - exit point for ctl
3254  *
3255  */
3256 void
3257 mpt3sas_ctl_exit(void)
3258 {
3259 	struct MPT3SAS_ADAPTER *ioc;
3260 	int i;
3261 
3262 	list_for_each_entry(ioc, &mpt3sas_ioc_list, list) {
3263 
3264 		/* free memory associated to diag buffers */
3265 		for (i = 0; i < MPI2_DIAG_BUF_TYPE_COUNT; i++) {
3266 			if (!ioc->diag_buffer[i])
3267 				continue;
3268 			if (!(ioc->diag_buffer_status[i] &
3269 			    MPT3_DIAG_BUFFER_IS_REGISTERED))
3270 				continue;
3271 			if ((ioc->diag_buffer_status[i] &
3272 			    MPT3_DIAG_BUFFER_IS_RELEASED))
3273 				continue;
3274 			pci_free_consistent(ioc->pdev, ioc->diag_buffer_sz[i],
3275 			ioc->diag_buffer[i], ioc->diag_buffer_dma[i]);
3276 			ioc->diag_buffer[i] = NULL;
3277 			ioc->diag_buffer_status[i] = 0;
3278 		}
3279 
3280 		kfree(ioc->event_log);
3281 	}
3282 	misc_deregister(&ctl_dev);
3283 }
3284